Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Prevent Terminal from opening without approval' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Prevent Terminal from opening without approval
Authored by: Hal Itosis on Mar 04, '06 11:50:19AM
While I realize that exploits can use means other than launching Terminal,
I thought this .login idea had creative (and educational) value... plus fun.

So I took a stab at tweaking it. Since I have many homemade scripts that
launch Terminal (mostly AppleScripts run via Script Menu/FastScripts)...
I wanted to have this .bash_login method be as painless as possible.

I've set it so that as soon as the "y" key is pressed, the command runs.
Any other key kills it immediately. (i.e., no need to press return or enter
in either case). If a script has more than one line, it doesn't get sent thru
properly [can someone craft a "read-while" for me?]. But basic one-liners
(even long ones) work fine.

I guess it's a bit kludgy, but anyway:

# catch script launch exploits...
LastCall=''; read -s -t1 LastCall
if [ -n "$LastCall" ]
then
        echo ''
        echo ' ####################################################'
        echo ' ##                                                ##'
        echo " ##   If you don't know why Terminal has opened,   ##"
        echo ' ##   then answer "n" to the following question;   ##'
        echo ' ##   else, reply "y" to run the command shown.    ##'
        echo ' ##                                                ##'
        echo ' ####################################################'
        echo ''
        echo -n ' The command sent to Terminal.app was:'
        printf '\e[1m %s \e[0m \n' "$LastCall"
        echo -n ' Should we let Terminal.app execute it? (y/n): '
        OpenTerm=''; read -n1 -t60 OpenTerm; echo ''
        if [ "$OpenTerm" != "y" ]; then exit 1; else eval "$LastCall"; fi
fi
#
-HI-

[ Reply to This | # ]
Prevent Terminal from opening without approval
Authored by: Hal Itosis on Mar 04, '06 12:02:42PM

Of course, if Terminal is ALREADY open
when a malicious script gets launched...

you're skrewd.

;-)



[ Reply to This | # ]
Prevent Terminal from opening without approval
Authored by: Hal Itosis on Mar 06, '06 11:53:11AM

Hmm... that 1 second timeout on the first read might be
a bit short, sometimes allowing a script line to slide thru.

I recommend tweaking my code to bump it up to 2 secs:

LastCall=''; read -s -t2 LastCall



[ Reply to This | # ]