Escaping from shell-scripts

Chuck Swiger cswiger at
Thu Nov 18 18:06:12 UTC 2010

On Nov 18, 2010, at 5:52 AM, Julian Fagir wrote:
> The straight-forward way would be to write this script, have all input parsed
> by read and then let the script act according to this input (let's assume
> that these tools are secure, it's just cp'ing and writing to
> non-sensitive files.
> Are there possibilities to escape from such a script down to a prompt?

Yes; consider using something like:

  trap "" 2 3 18

...prevent them from using control-C, control-Z, control-\ to play games with the script.

> All in all, this is a more general question I have for quite a time: Can you
> use shell-scripts for security-relevant environments?

Yes, but you really shouldn't trust them any farther than you would trust a user with an interactive shell.  It's just too easy to exploit $IFS, invoke command line utilities that provide shell escapes, etc.

Python or C is likely to be more securable, but getting it right is trickier than it may appear.  Start with never trusting user-supplied inputs, always validate against a whitelist of what is trusted rather than trying to blacklist bad stuff.


More information about the freebsd-questions mailing list