
Re: (OT) exec nonreadable shell scripts



On Wed, Jan 10, 2001 at 10:42:22AM -0800, brian moore wrote:
> On Wed, Jan 10, 2001 at 06:24:33PM +0000, Rick wrote:
> > sorry for off-topic, but I've been banging my head trying to set up shell
> > scripts that can be executed but not read by a user.  
> 
> Not doable.
> 
> The shell needs to read them in order to execute them.

Actually the correct phrase is `not doable under Linux'. Mode 111
shell scripts work fine on OpenBSD and perhaps other *nixes.

> (Well, you could do something REALLY evil like suid wrappers switching
> them to a user id that could read the script.... but that is ugly.)

Very, and really not worth it; there are many places where what the
script is doing will leak out (/proc for example). It's better to
write the script correctly and securely so that there is nothing to
hide.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
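
An audit for the situation discussed in this thread, as an added example that is not part of the original messages: it lists "#!" scripts whose mode grants execute without read to group or other, which on Linux cannot be run by those users because the interpreter has to open the file itself. The function name `find_exec_only_scripts` is hypothetical, and the audit assumes it runs as a user who can read the files it inspects.

```shell
#!/bin/sh
# Added example (not from the thread): find scripts that are executable but
# not readable for group or other, e.g. modes 0711, 0751 or 0111.
# On Linux the kernel starts the "#!" interpreter, and the interpreter then
# opens the script with the caller's credentials, so such a script fails for
# every user who has the execute bit without the read bit.

# find_exec_only_scripts DIR
#   stdout: one path per line, for each "#!" file under DIR where group or
#           other has x without r
#   stderr: a note for each candidate the auditing user cannot read
find_exec_only_scripts() {
    find "$1" -type f \( \
            \( -perm -001 ! -perm -004 \) -o \
            \( -perm -010 ! -perm -040 \) \
        \) -print | sort | while IFS= read -r path; do
        if [ ! -r "$path" ]; then
            # The audit has the same limitation as the shell: it must read
            # the first line to know whether this is a script at all.
            printf 'cannot inspect (unreadable): %s\n' "$path" >&2
            continue
        fi
        first=
        # A file without a trailing newline makes read return non-zero while
        # still filling $first, so the status is deliberately ignored.
        { IFS= read -r first < "$path"; } 2>/dev/null || :
        case $first in
            '#!'*) printf '%s\n' "$path" ;;
        esac
    done
}
```

Compiled binaries with the same mode are skipped on purpose, since the kernel loads them directly and no interpreter needs to read them.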
