bash trick - prefixing a command?

jdow jdow at earthlink.net
Wed Oct 26 03:31:34 UTC 2005


From: "Jeff Vian" <jvian10 at charter.net>

> On Tue, 2005-10-25 at 14:22 -0400, Dr. Michael J. Chudobiak wrote:
>> Rodolfo Alcazar wrote:
>> > On Tue, 2005-10-25 at 13:00 -0400, Dr. Michael J. Chudobiak wrote:
>> >> I want to do some shell trickery so that when a user enters a command 
>> >> like:
>> >>
>> >> ls -l
>> >>
>> >> the command is forwarded to another program as an argument. That is,
>> >> what actually gets executed is:
>> >>
>> >> myprog "ls -l"
>> >
>> >
>> > [rodolfoap] /home/rodolfoap/test > function ls() { /bin/ls|grep -v 
>> > two; }
>>
>>
>> Thanks, that is a neat trick that I wasn't aware of, but "ls -l" was
>> just an example of one possible input. I want to forward every command
>> to my own program, not just "ls" commands.
>>
>
> Would it always be the same program? If so then the alias would work
> well, but would be tedious to create one for every command in the
> system.

More to the point, what is to stop the user from simply replacing the
ls -l command that uses this function with "/bin/ls -l"?

> A fairly simple script that would loop forever could read all input and
> then call your program with the input as the arguments.  You would have
> to trap the ability to break out of the script so they could not get to
> an actual shell.
>
> something like
>
> while true
> do
>  read VARS      # read the command input line into VARS
>  myprog $VARS   # call your program while passing the values read
>  VARS=          # reset VARS here
> done

That might work, until the user hits ^C. So that would have to be trapped,
as you say. And once the user figures out $VARS is magic the rest is
history. This could prove the concept and give yourself an "adventure
shell" experience. But if it's supposed to be a security tool I would
write my own very limited shell.

{^_^} 
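
The forwarding loop discussed in this thread, as a POSIX shell sketch showing the difference between passing the typed line quoted and unquoted. This is an added example, not code from any poster: `myprog` is a constructed stand-in that only reports its arguments, and `forward_line`, `forward_unquoted`, `forward_loop` and the `--run` flag are hypothetical names.

```shell
#!/bin/sh
# Added example, not code from the thread.

# Constructed stand-in for the poster's "myprog": it only reports what it
# received, so the effect of quoting is visible.
myprog() { printf 'argc=%d arg1=[%s]\n' "$#" "$1"; }

# Forward the typed line as ONE literal argument: myprog "ls -l".
# No eval and no unquoted expansion, so the wrapper itself never splits,
# globs or executes any part of the line.
forward_line() { myprog "$1"; }

# The unquoted form used in the quoted loop (myprog $VARS): the shell
# word-splits and glob-expands the line before myprog sees it.
forward_unquoted() { myprog $1; }

# Read-forward loop. ^C, ^\ and ^Z are ignored; EOF (^D) ends the loop, so
# when this script is the login shell the session ends with it.
forward_loop() {
    trap '' INT QUIT TSTP
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        forward_line "$line"
    done
}

# Run interactively only when asked to (hypothetical flag of this sketch).
if [ "${1:-}" = "--run" ]; then
    forward_loop
fi
```

Because every line reaches `myprog` as a plain string, typing `/bin/ls -l` is just more input for it to judge; what actually runs is decided entirely inside `myprog`.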




