HPE Community
Operating System - HP-UX
1755763 Members
3107 Online
108838 Solutions
New Discussion юеВ

Securing script

 
Yajuvendra Singh
Advisor

тАО12-01-2005 08:10 PM

тАО12-01-2005 08:10 PM

Securing script

Dear all,

I have written a script, but I dont want everyone to view and alter. The problem I am facing like If i hide that script puting 'dot' infront of it, script is not executable. How to excute the hidden scripts.
0 Kudos
10 REPLIES 10
RAC_1
Honored Contributor

тАО12-01-2005 08:21 PM

тАО12-01-2005 08:21 PM

Re: Securing script

Every file is executable (whether hidden or open and is really a executable) as long as it has execute perms for it.

ll "file" to know perms set on it.
There is no substitute to HARDWORK
0 Kudos
Sр╕вр╕ар╣Аl Kр╕вр╣Ур╕Д╨│
Respected Contributor

тАО12-02-2005 08:41 PM

тАО12-02-2005 08:41 PM

Re: Securing script

Hi,
In unix there is no files called executables, like windows has .exe files. File Permissions are the one which will deffrentiate wether the file is executable or not.
U said that, u have made file hidden by inserting a '.' chatacter in the beginning of the filename. How ever this won't serve your purpose, as anyone gives an 'ls -a', will displays all hidden files in that direcory.

It is better you can setappropriate file permissons to that script so, no user other than root can execute that file.

some thing like $chmod 700 . this will exnure that only the owner of the file has full permissions, read/write and execute on that file.[exept root no other users in the system can read or change or execute the script]

Regards,
Sunil
Your imagination is the preview of your life's coming attractions
0 Kudos
Steven E. Protter
Exalted Contributor

тАО12-03-2005 04:53 AM

тАО12-03-2005 04:53 AM

Re: Securing script

Shalom Yajuvendra Singh,

After making a script.

chmod 700 scriptname

Now only I(root) can do anything to it or with it.

If others need to execute it:

chmod a+x scriptname

Now everyone can execute it.

Usually to execute it you need to be able to read it so use:

chmod a+wx scriptname

In that circumstance.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Bill Hassell
Honored Contributor

тАО12-03-2005 10:05 AM

тАО12-03-2005 10:05 AM

Re: Securing script

The dot (as the first character) simply limits the ability to 'see' the file's existence using simple commands like ls or ll or echo *. But as mentioned, the -a option will find all files including those that start with a dot. Putting a dot in front does not remove execution capability, it just makes it slightly harder to find the script.

I think you meant that you don't want users to change or read the file. That is two very different problems. Denying change to the file is easy: just remove the w for group and other, permission number = 755. The second limitation (read) is not possible to remove. If you make the file 755, users can run the script but not change it. But because scripts are interpreted, your shell must be able to read the script in order to run it. If you make the script 700 permission, only the owner can read, write and excute the script.


Bill Hassell, sysadmin
0 Kudos
Geoff Wild
Honored Contributor

тАО12-04-2005 03:42 AM

тАО12-04-2005 03:42 AM

Re: Securing script

If you really don't want someone (easily) to know the contents of a script - then the only other option you have is to convert it to C - and compile it....

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Raj D.
Honored Contributor

тАО12-05-2005 05:18 AM

тАО12-05-2005 05:18 AM

Re: Securing script

Hi Yajuvendra ,

You need to make it executable by assigning the x flag , to owner , group or other , as you want it to be.

# chmod +x .scriptname

And also a best option to hide it , to write the same program in c code and compile it. You are done.

Cheers,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Yajuvendra Singh
Advisor

тАО12-06-2005 05:07 PM

тАО12-06-2005 05:07 PM

Re: Securing script

Dear all,

Thanks for everyone for your valuable time sharing knowledge. Really the solutions were very much helpfull to me.

Can please anyone tell me how to assign points and close the issue.

Thank you.
0 Kudos
Muthukumar_5
Honored Contributor

тАО12-06-2005 05:11 PM

тАО12-06-2005 05:11 PM

Re: Securing script

You can change permission to 700 with chmod to the script or build a c file with system command to execute those shell script.

To assign points, in the right end a drop down box with points there.. Assign those points and come down to this thread and click assign points.

It will make it.

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Muthukumar_5
Honored Contributor

тАО12-06-2005 05:13 PM

тАО12-06-2005 05:13 PM

Re: Securing script

FAQ section to say about assigning points is as,

http://forums1.itrc.hp.com/service/forums/helptips.do?#33

-Muthu
Easy to suggest when don't know about the problem!
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.