digdigdag | 2 years ago

You can examine the contents of the shell script yourself -- but how is this any different from running the rest of the application without examining the source?

Do you just draw some arbitrary line to say, "running easily readable shell scripts is bad, but compiling and running code I have never looked at or completely understand is okay."?

Really the only logical answer here is to adopt a zero trust security model and just assume every line of code is compromised. Run it in a VM, in a container, firewall it, jail it, sandbox it, etc.

Otherwise you're whispering sweet nothings to yourself if you believe piping unknown scripts to shell is the most vulnerable thing you can do here.

computerfriend|2 years ago

It's because I have an expectation that running the actual code won't change system-wide state and running the pipe-into-shell command will.