You are not logged in.

#1 2016-07-04 14:00:21

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Prevent bash from running an executable while sourcing a file

Is this easily achieved?  To illustrate, consider:

An executable script: /scratch/run.sh

#!/bin/bash
. /scratch/c.conf
echo $var

The corresponding config file /scratch/c.conf

var='hello world'
top

Upon running /scratch/run.sh not only does 'var' get defined, but top is launched even though /scratch/c.conf has octal permissions of 644.  Is there a way to prevent this and only allow the parent /scratch/run.sh to read in variables but not to run an executable?


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#2 2016-07-04 14:47:36

Saint0fCloud
Member
Registered: 2009-03-31
Posts: 137

Re: Prevent bash from running an executable while sourcing a file

`source` simply executes all of the commands in a given file, so unfortunately no --- although I'd love to learn if someone could prove me wrong. How about filtering only the variable assignments, either using grep, sed, bash, or whatever and then`eval` the resulting string or output to a tmp file to later be sourced.

Offline

#3 2016-07-04 15:10:26

Alad
Wiki Admin/IRC Op
From: Bagelstan
Registered: 2014-05-04
Posts: 2,407
Website

Re: Prevent bash from running an executable while sourcing a file

How about filtering only the variable assignments, either using grep, sed, bash, or whatever and then`eval` the resulting string or output to a tmp file to later be sourced.

That's easily bypassed. See the comments in:

http://wiki.bash-hackers.org/howto/conffile

And BashFAQ on eval:

http://mywiki.wooledge.org/BashFAQ/048

What you could do instead is use an ini parser in a different language, and use while/read to process the output. e.g:

https://github.com/andrewgregory/pacuti … c/pacini.c

while read -r foo _ bar; do
  printf -v "$foo" '%q' "$bar"
done < <(pacini baz.conf)

%q additionally adds shell escapes.

This little discourse aside, why do you need a config file? You could simply use command-line options and defaults declared at the top of the script.

Last edited by Alad (2016-07-04 15:19:51)


Mods are just community members who have the occasionally necessary option to move threads around and edit posts. -- Trilby

Offline

#4 2016-07-04 16:17:21

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: Prevent bash from running an executable while sourcing a file

Alad wrote:

This little discourse aside, why do you need a config file? You could simply use command-line options and defaults declared at the top of the script.

Thanks for the tip, Alad.  See this commit for a project I created.


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

Board footer

Powered by FluxBB