Writing Better Shell Scripts - Part 3

Posted by jwright on Sep 25, 2010 4:30 AM EDT
Innovations Technology Solutions Blog; By Jeremy Mack Wright
Mail this story
Print this story

Your shell script has little to no chance of running securely if it trusts the environment that it runs in, and that environment has been compromised. You can help protect your script from unintended behavior by not trusting items like environment variables. Whenever possible, assume that input from the external environment has been designed to cause your script problems. The PATH variable is a common source of security holes in scripts. Two of the most common issues are the inclusion of the current directory (via the . character) in the path, and using a PATH variable that’s been manipulated by a cracker. The reason that you don’t want the current directory included in the path is that a malicious version of a command like ls could have been placed in your current directory.

Full Story

» Read more about: Story Type: Tutorial

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.