Bash scripting problems

[Jeff Kinz]

On Sat, Jan 08, 2005 at 11:39:48PM +0000, James Wilkinson wrote:
> Jeff Kinz wrote:
> > You should always use the absolute paths to invoke commands in any script
> > run by root.  This prevents people from putting "trojans" in the path
> 
> This *shouldn't* be necessary, at least on Linux. [1]

I agree - it "shouldn't" be necessary, and in fact you forgot 
that I said :

>>>As a practical matter almost no one uses the "only invoke commands by
>>>>absolute path" approach. Its too cumbersome.

Realistically, the absolute path to a command technique will never enter
general use.

I do use it myself when building installation tools or when developing
tools which will run as third party software on other peoples systems.
Like the "configure" tool - you should never assume much about how any
other site is configured.  Fortunately, like "configure" it easy to do a
little bit of probing and set these values up to be used as needed
in a variable.  Then they can be used easily without fear and without
awkwardness. For example "LS=/bin/ls" (after to checking to see if it is
in deed there) then for "ls" simply use $LS as needed.  This is a common
approach seen in many scripts.

However the real issue here is the difference between a large, strictly
administered corporate-style computing environment and that which the
fedora list is more likely to be addressing:  a less formal, less
strict, less regulated and perhaps home or non-business style computing
environment which is where these two rules of yours (below) simply
will not exist because the local administrator lacks the knowledge
to knowingly follow those rules.  

As you may recall the original question was from a person who could not
figure out how to overcome the aliasing of the "rm" and "cp" commands in
the script they were creating.  this is indicative of the level of
knowledge which we will be seeing on more and more self-administered 
Fedora or Linux systems.

James' two rules which less experienced Root users need to be aware of:
(But probably will not be aware of)
>  * Root's $PATH should never include any directory where non-"trusted"
>    users can write.
> 
>  * Root should only ever run "trusted" scripts.
> 
> And no-one can put trojans in the path.
> 
> OK, I suppose you *can* get around Rule 1 by *always* using absolute
> paths, but you do have to make sure that both interactive users and
> scripts always follow that rule. This isn't the norm, and is difficult
> to enforce.

I agree -  and again I said :
>>>As a practical matter almost no one uses the "only invoke commands by
>>>>absolute path" approach. Its too cumbersome.

[[ re-account of recently history on suid deleted ]]

-- 
Linux/Open Source:  Your infrastructure belongs to you, free, forever.
Idealism:  "Realism applied over a longer time period"
http://www.scaled.com/projects/tierone/
http://kinz.org
http://www.fedoratracker.org http://www.fedorafaq.org
http://www.fedoranews.org
Jeff Kinz, Emergent Research, Hudson, MA.
~
~
~
~