Friday, September 22, 2006

Shell script security Seven tips for optimizing shell script security

Seven tips for optimizing shell script security:

"Despite their widespread usage, many shell scripts are written with little to no consideration for security. Worse, due to some inherent weaknesses and a complex syntax, writing secure shell scripts can be pretty difficult. This tip will provide some simple tips for how to make your shell scripts as secure as possible."

A nice article on things to consider when writing shell scripts. Usually I have to write some shell script to do something fast. I've made it a point not to leave scripts lying around after you are done, but slips happen. Considering things like permissions would be a good security consideration to build into your process of writing scripts. Other tips in the article are more common sense, such as not writing in the password into your script and so forth.

Keeping track of where you are in the directory hiearchy could be quite important depending on what your script does. I generally tend echo commands out as a simulation to see how they work, before actually running the script.

Mozilla and hypocrisy

Right, but what about the experiences that Mozilla chooses to default for users like switching to  Yahoo and making that the default upon ...