script to protect the start of an application

'chris' · ‎09-28-2006

hi

howto write a script to protect the start of an application using password for example thunderbird ?

kind regards
chris

Vibhor Kumar Agarwal · ‎09-28-2006

Just ask for password in that script and if yes and then call the program.

You can encrypt the password by "crypt" command so that no one can ready it.

Vibhor Kumar Agarwal

Yang Qin_1 · ‎09-29-2006

Hi,

First generate an encrypt password better use a 8 char password because command makekey request 8 char + 2 char "salt". I'll use thunder1 + "salt" U5 to encrypted password:

echo "thunder1U5"|/usr/lbin/makekey

The output is "U5.8pOqbhJ3SQ". In your script, you just need to check if user provided password will match this one or not.

#! /usr/bin/ksh

stty -echo
echo "password: "
read pass
stty echo

pwch=`echo $pass"U5"|/usr/lbin/makekey`

if [ $pwch != "U5.8pOqbhJ3SQ" ] ; then

echo "wrong password, bye-bye"
else
/usr/local/bin/myapp
fi

exit

Regards,
Yang

A. Clay Stephenson · ‎09-29-2006

Make sure that if you issue a stty -echo that you have a trap that will reinstate "stty echo" should the user terminate the process or if the process is killed. The stty command applies to the device node (ie the tty port) rather than the process so if you exit the program (e.g. via a Ctrl-C), the terminal is left in the -echo state.

One very easy way to accomplish what you want is to place the application under the control of sudo and add the line "timestamp_timeout=0" to /etc/sudoers. This will force a password query everytime.
If you like, you can setup a dedicated user for this application and assign a password.

If it ain't broke, I can fix that.

Jonathan Fife · ‎09-29-2006

Sudo is really the way to go here. Even if you had a wrapper script ask for a password there would be nothing keeping the user from just entering the full path of the binary and getting around the password wrapper.

If you use sudo you can force a password entry, restrict access to specific users/groups, and every attempt to run sudo will be logged so you can track who did what. Slightly more setup, but way more manageable and secure.

Decay is inherent in all compounded things. Strive on with diligence

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

script to protect the start of an application

script to protect the start of an application

Re: script to protect the start of an application

Re: script to protect the start of an application

Re: script to protect the start of an application

Re: script to protect the start of an application