
Prevent Terminal from opening without approval
A few days ago on Heise Germany, I found a defence against the trick of running a Terminal script via a disguised downloaded file. Just insert the code from that forum post into your user's .bashrc file, and Terminal will ask for confirmation before executing anything whenever a new window is opened. You can also edit the system-level bashrc (sudo nano /etc/bashrc) to make this work for all users.

Another solution is to install Unsanity's old Paranoid Android (linked on this page), which would also help with the 'disguised as JPEG' Mail issue.

[robg adds: This seems like a fairly ingenious solution to the problem. You get prompted with a yes/no question when a new Terminal window opens, and if you don't answer within 15 seconds, it times out and exits, preventing access. You can change the delay by changing the 15 in this line: read -r -t 15.

I added the code to the end of my .bash_profile file, and modified the comments a bit to explain more clearly what's going on. Here's my version of the code:
# keep my playground secure
echo "############################################################";
echo "##                                                        ##";
echo "## If you do not know why Terminal has launched, answer   ##";
echo "## 'n' to the following question. Otherwise, hit 'y' to   ##";
echo "## open Terminal as usual...                              ##";
echo "##                                                        ##";
echo "############################################################";
echo "Open Terminal.app now (y/n)";
# -r keeps backslashes literal; -t 15 gives up after 15 seconds with no answer
read -r -t 15 -e OpenTerminal
# No answer (timeout) or an explicit 'n': refuse to open the shell
if [ "$OpenTerminal" == "" ] || [ "$OpenTerminal" == "n" ]; then
  exit 1;
fi;
# Anything else was probably a command pushed at Terminal by a script:
# remember it and ask the real user once more
if [ "$OpenTerminal" != "y" ]; then
  LastCommand="$OpenTerminal";
  echo "Open Terminal.app now (y/n)";
  read -r -t 15 -e OpenTerminal
  if [ "$OpenTerminal" == "y" ]; then
    echo "This was the command that started Terminal.app:";
    echo "$LastCommand";
  else
    exit 1;
  fi;
fi;
There are a number of other workarounds posted in the comments to this hint about the auto-open issue in Safari, but I felt this one was unique enough to share as a standalone hint. This is the solution I've chosen to put in place on my machines for now, as it's decent protection with only a minor inconvenience (though it does break the 'Open in Terminal' sidebar item I've been using).]

17 comments
Prevent Terminal from opening without approval
Authored by: chutem on Feb 28, '06 08:10:44AM

Ok...I added the robg version of the code to /etc/bashrc under my admin user. I thought this would make the change for all users (I do my dtd stuff under a standard user), however only my admin user sees the Terminal alert. Where exactly (I don't have a lot of Terminal experience, mind you) is the file that I need to edit to make this change for all users? Other than that, the fix is brilliant. Any help appreciated.

Prevent Terminal from opening without approval
Authored by: smkaiser on Feb 28, '06 08:37:58AM

If your default shell isn't bash, then you won't get this fix. You'll need to add it to your shell's rc file.

Prevent Terminal from opening without approval
Authored by: chutem on Feb 28, '06 09:55:35AM

Thanks...didn't even think of that. For some reason my standard user's default shell was tcsh. I used NetInfo to change that to bash and now all is well. Thanks for the tip.

Prevent Terminal from opening without approval
Authored by: nmerriam on Feb 28, '06 01:21:49PM

New installs of OS X post-10.3 default to bash, but before that it was tcsh, and if you upgrade an old pre-10.3 system it keeps the tcsh default. Just for anyone else who upgrades systems and expects this to work!

Prevent Terminal from opening without approval
Authored by: miaomix on Feb 28, '06 08:30:42AM

This represents a problem for those of us who run automated commands from external systems through the command line. I actually have a line in my .bashrc that stops all processing of the file if it is a non-interactive shell (launched from ssh/rsync/etc.):

[[ $- != *i* ]] && return # Shell is non-interactive. Stop parsing.

and just lets the program work, so that any output from the rc script doesn't cause issues with my remote process.

The best solution is still to turn off the automatic execution of 'safe' downloaded files.

Prevent Terminal from opening without approval
Authored by: kevinv on Feb 28, '06 09:29:19AM

Turning off safe opening doesn't prevent the user from launching a script that appears to be a JPG from the Finder. It merely prevents the automatic running from Safari.

Prevent Terminal from opening without approval
Authored by: Ptitboul on Feb 28, '06 09:05:56AM

This does not protect against variants of the "virus" that use applications other than Terminal.app; such variants exist, but are not public.

Prevent Terminal from opening without approval
Authored by: gbws on Feb 28, '06 09:52:56AM

Terminal is the only application that gives you access to shell commands.

Anyway, here's my solution:
Edit .bash_profile and add:

if [ -n "$PS1" ]; then   # interactive shell only
  su "$USER"; exit       # re-authenticate as yourself, then leave the original shell
fi

It will prompt for your password.

Prevent Terminal from opening without approval
Authored by: lar3ry on Mar 01, '06 07:13:05AM
And iTerm doesn't?

Most people I know (that care about a command line) use iTerm instead of Terminal.app.

Since I don't use Terminal.app much at all, I simply relocated it and removed all the MIME-type entries that launched it.

If something HAS to launch in a terminal window, I can type it myself, thank-you-very-much!

Terminal.app is not the only way to execute shell commands
Authored by: moritzh on Feb 28, '06 04:44:35PM
What about executing an AppleScript with do shell script ... in it? I am not sure which shell is used, I suspect /bin/sh.

Prevent Terminal from opening without approval
Authored by: jiclark on Feb 28, '06 11:15:57AM
Just curious, but does this:

Safe Terminal

…do the same thing? Seems easier, for the Terminal-phobic.

Prevent Terminal from opening without approval
Authored by: unforeseen:X11 on Mar 01, '06 08:15:43AM

Note that this hint breaks the Gimp and other X11-apps.

---
this is not the sig you're looking for.

Prevent Terminal from opening without approval
Authored by: DC Watts on Mar 02, '06 09:15:43AM

Note that today Apple released a Security Update which addresses this issue (among others) and is available for both 10.4 and 10.3.9. For Panther users, the update seems simply to disable Safari's "Open safe files after D/L" feature; but the Tiger fix is apparently more robust.

The update covers a number of other security issues; but as it relates to this thread, the pertinent description excerpt is:

"It is possible to construct a file which appears to be a safe file type, such as an image or movie, but is actually an application. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts. This update addresses the issue by performing additional download validation so that the user is warned (in Mac OS X v10.4.5) or the download is not automatically opened (in Mac OS X v10.3.9)."

Prevent Terminal from opening without approval
Authored by: Hal Itosis on Mar 04, '06 11:50:19AM
While I realize that exploits can use means other than launching Terminal,
I thought this .login idea had creative (and educational) value... plus fun.

So I took a stab at tweaking it. Since I have many homemade scripts that
launch Terminal (mostly AppleScripts run via Script Menu/FastScripts)...
I wanted to have this .bash_login method be as painless as possible.

I've set it so that as soon as the "y" key is pressed, the command runs.
Any other key kills it immediately. (i.e., no need to press return or enter
in either case). If a script has more than one line, it doesn't get sent thru
properly [can someone craft a "read-while" for me?]. But basic one-liners
(even long ones) work fine.

I guess it's a bit kludgy, but anyway:

# catch script launch exploits...
# Grab anything a launching script has already pushed at this shell
# (-s: don't echo it, -t1: wait at most 1 second, -r: keep backslashes literal)
LastCall=''; read -r -s -t1 LastCall
if [ -n "$LastCall" ]
then
        echo ''
        echo ' ####################################################'
        echo ' ##                                                ##'
        echo " ##   If you don't know why Terminal has opened,   ##"
        echo ' ##   then answer "n" to the following question;   ##'
        echo ' ##   else, reply "y" to run the command shown.    ##'
        echo ' ##                                                ##'
        echo ' ####################################################'
        echo ''
        echo -n ' The command sent to Terminal.app was:'
        printf '\e[1m %s \e[0m \n' "$LastCall"
        echo -n ' Should we let Terminal.app execute it? (y/n): '
        # -n1: act on the first keypress, no return needed; -t60: give up after a minute
        OpenTerm=''; read -r -n1 -t60 OpenTerm; echo ''
        # only an explicit "y" runs the captured command; anything else exits the shell
        if [ "$OpenTerm" != "y" ]; then exit 1; else eval "$LastCall"; fi
fi
#
-HI-

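As an added example (not the hint's code and not any commenter's code), here is one way to put the ideas in this thread together in a single ~/.bash_profile guard: robg's timed y/n prompt, miaomix's "only when the shell is interactive" check so that ssh, rsync and scp sessions are not broken, and a read loop for the multi-line case Hal Itosis asks about. It differs from Hal's version in one deliberate way: whatever was already queued for the shell is displayed, never eval'd. The function names, the timeouts and the timed_read fallback are my own choices and assumptions.

```bash
#!/bin/bash
# Added example, not part of the original hint or its comments. It combines
# robg's timed y/n prompt, miaomix's non-interactive check and a read loop for
# Hal Itosis's multi-line case. Queued input is shown, never executed.
# Function names, timeouts and the fallback below are assumptions of this example.

# Read one line into the variable named by $2, waiting at most $1 seconds.
# Returns non-zero on timeout or end of input. Shells without "read -t"
# (assumption: only bash sources this file, as the hint's own code requires)
# report "no data" immediately instead of blocking.
timed_read() {
    if [ -n "$BASH_VERSION" ]; then
        read -r -t "$1" "$2"
    else
        return 1
    fi
}

# Drain whatever was already queued on stdin when the shell started: the
# line(s) a disguised script pushes at Terminal.app. Waits $1 seconds for
# the first line and $2 seconds for each further one, and prints them.
capture_pending() {
    local wait="${1:-1}" between="${2:-1}" line=''
    while timed_read "$wait" line; do
        printf '%s\n' "$line"
        wait="$between"
    done
}

# Ask the real user whether the shell may continue. Returns 0 to continue and
# 1 to exit. $1: the shell's flag string (defaults to $-), $2: seconds to wait
# for an answer. No answer within the timeout counts as "no".
terminal_guard() {
    local flags="${1:-$-}" answer_timeout="${2:-15}" pending='' answer=''
    case "$flags" in
        *i*) ;;            # interactive: go on to the prompt
        *)   return 0 ;;   # ssh command, rsync, scp, cron: never prompt, never block
    esac
    pending=$(capture_pending 1 1)
    if [ -n "$pending" ]; then
        printf '\nInput was already queued for this shell. It was NOT run:\n' >&2
        printf '%s\n' "$pending" | sed 's/^/    > /' >&2
    fi
    printf '\nOpen Terminal.app now (y/n)? ' >&2
    if [ -n "$BASH_VERSION" ]; then
        read -r -t "$answer_timeout" answer || answer=''
    else
        read -r answer || answer=''    # no timeout available on this shell
    fi
    case "$answer" in
        y|Y) return 0 ;;
        *)   printf 'Refusing to open a shell.\n' >&2; return 1 ;;
    esac
}

# The last lines of ~/.bash_profile would then be:
#   terminal_guard || exit 1
```

Because the non-interactive check comes first, a remote rsync or scp never sees the prompt, which is the breakage miaomix describes. The one-second drain is what catches a script that has already pushed text at the window; like Hal notes for his version, a longer first wait catches more at the cost of a slower login.
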
Prevent Terminal from opening without approval
Authored by: Hal Itosis on Mar 04, '06 12:02:42PM

Of course, if Terminal is ALREADY open
when a malicious script gets launched...

you're skrewd.

;-)

Prevent Terminal from opening without approval
Authored by: Hal Itosis on Mar 06, '06 11:53:11AM

Hmm... that 1 second timeout on the first read might be
a bit short, sometimes allowing a script line to slide thru.

I recommend tweaking my code to bump it up to 2 secs:

LastCall=''; read -s -t2 LastCall
