Re: Writing scripts in Linux

On Mon, 22 Oct 2007 01:05:22 +0000, Bonsai Bonanza wrote:

Bit Twister wrote:
On Sun, 21 Oct 2007 23:02:58 GMT, Rich Leitner wrote:
Okay, I'm a bit new to shell scripting but learning. What's wrong with
writing a shell script as root so long as the script does not have
root privileges itself?


Shell scripts execute with the privs of the user running them.

If you are writing a script as root, and testing it as root, you need to
be very careful, that is all.

here is a VERY stupid example (please DO NOT run it as root - it will
destroy your machine!!!!!!!!!!)

#!/bin/sh
TOPDIR="/"
JUNKDIR1="junk-dir1"
JUNKDIR2="junk-dir2"
echo cleaning out junk-dir1 and junk-dir2 rm -rf $TOPDIR/$JUNKDIR1/*
rm -rf $TOPDIR/$JUNK_DIR2/*


I WANTED to have the script delete everything under "/junk-dir1" &
"/junk-dir2"

Unfortunately, on the second rm line, I wrote: rm -rf
$TOPDIR/$JUNK_DIR2/*

when I MEANT to write
rm -rf $TOPDIR/$JUNKDIR2/*

The outcome is the command
"rm -rf ///*" is run (which is the same as "rm -rf /*"

This command deletes everything on your hard drive, and your system will
stop working... for you, and everyone else.

If you run that script as a regular user, it will start spewing messages
like:
rm: cannot remove directory `bin': Is a directory

yes, eventually it will recursively works its way down to your home
directory, and delete everything there... which would suck... but the
machine is still up and running fine for everyone else.


The "root" account can cause GLOBAL mistakes. A regular user can only
cause LOCAL mistakes.

Okay, that makes good sense. I have a couple old experimental machines
that I fool with, and I often sign on as root (against the conventional
wisdom, I know!) because it's easier and I'm lazy, but I don't really
worry about mucking them up. I'll keep that in mind for any important
machines. Thanks...

Rich
.

Relevant Pages

  • IBM Informix Web DataBlade: Local root by design
    ... IBM Informix Web DataBlade: Local root by design ... Impact: Any user who can: 1) Save a Perl script anywhere on the server's ... admin right on any database can do it by loading the WDB module into ...
    (Bugtraq)
  • RE: Linux hacked
    ... I would also suggest using a simple script in the future that alerts ... Subject: Linux hacked ... To get back into your account you want to use, at the boot manager ... boot normally and you should be able to login as root with your new ...
    (Security-Basics)
  • Re: BSDstats v3.0 - The Security Rewrite
    ... The bsdstats script could easily pick up that entry and set ... a management machine, and that management machine only has ... Email is sent to root containing IDTOKEN= as generated by host, root forwards that to rpt@xxxxxxxxxxxx, rpt@xxxxxxxxxxxx sends back KEY= value ... second time, submits report values to root, root forwards that to rpt@xxxxxxxxxxxx ... ...
    (freebsd-questions)
  • Re: Great SWT Program
    ... from a terminal emulator and log in as root there. ... terminal-emulator windows open, ... The script, suid-root utility, or whatever would ... the command interpreter with root privileges ...
    (comp.lang.java.programmer)
  • Re: running a background bash script as root. dangerous?
    ... I've made a bash shell script that may need to be run as root ... The script will be run as cron job (and could be running ... Bash is running with a different configuration ...
    (comp.os.linux.security)