安全的方式来计算的设置环境变量 [英] Safe way to set computed environment variables
问题描述
我有我修改,以接受来自标准输入键值对一个bash脚本。 (它是由xinetd的催生。)我怎样才能安全地转换这些键值对到环境变量的子进程?
I have a bash script that I am modifying to accept key=value pairs from stdin. (It is spawned by xinetd.) How can I safely convert those key=value pairs into environment variables for subprocesses?
我打算只允许用predefined preFIXCMK_开始键,以避免IFS或任何其他危险的变量得到设置。但简单的方法
I plan to only allow keys that begin with a predefined prefix "CMK_", to avoid IFS or any other "dangerous" variable getting set. But the simplistic approach
function import ()
{
local IFS="="
while read key val; do
case "$key" in CMK_*)
eval "$key=$val";;
esac
done
}
是可怕的不安全,因为$ VAL可以包含各种肮脏的东西。这似乎是它的工作:
is horribly insecure because $val could contain all sorts of nasty stuff. This seems like it would work:
shopt -s extglob
function import ()
{
NORMAL_IFS="$IFS"
local IFS="="
while read key val; do
case "$key" in CMK_*([a-zA-Z_]) )
IFS="$NORMAL_IFS"
eval $key='$val'
export $key
IFS="="
;;
esac
done
}
但(1)它使用了我以前从未使用过的时髦extglob的事情,(2)它的复杂,以至于我不能自如,它是安全的。
but (1) it uses the funky extglob thing that I've never used before, and (2) it's complicated enough that I can't be comfortable that it's secure.
我的目标,具体而言,就是让键=值设置通过bash脚本传递到所谓过程的环境。它是由子进程来处理越来越设置潜在的敌对值。
My goal, to be specific, is to allow key=value settings to pass through the bash script into the environment of called processes. It is up to the subprocesses to deal with potentially hostile values getting set.
我修改别人的剧本,所以我不希望只是将其转换为Perl和用它做。我也宁可不改变它周围不同的调用子进程,像
I am modifying someone else's script, so I don't want to just convert it to Perl and be done with it. I would also rather not change it around to invoke the subprocesses differently, something like
#!/bin/sh
...start of script...
perl -nle '($k,$v)=split(/=/,$_,2); $ENV{$k}=$v if $k =~ /^CMK_/; END { exec("subprocess") }'
...end of script...
更新:我结束了有什么用为重点检查:
Update: What I ended up using for the key check is:
if [ "$key" = "${key%[^a-zA-Z_0-9]*}" ]; then
它不需要extglob(全局设置)或正则表达式(仅在bash> = 3)。它的工作原理不扔任何东西在允许的字符的白名单,然后比较结果到原来的。如果没有被抛出,那么整个键只能包含白名单中的字符。
It doesn't require extglob (global setting) or regexes (only in bash >= 3). It works by throwing out anything not in a whitelist of allowed characters, then comparing the result to the original. If nothing was thrown out, then the whole key must contain only whitelisted characters.
推荐答案
这是很多安全以使用声明
比评估
:
shopt -s extglob
function import ()
{
NORMAL_IFS="$IFS"
local IFS="="
while read key val; do
case "$key" in
CMK_*([a-zA-Z_]) )
IFS="$NORMAL_IFS"
declare $key="$val" 2>/dev/null || echo "Bad key"
IFS="=" # why set this here?
;;
*)
echo "Bad key"
;;
esac
done
}
如果你不想使用 extglob
,你可以使用正则表达式匹配测试:
If you don't want to use extglob
, you can use a regex matching test:
while ...
if [[ $key =~ CMK_ ]] # or something like: [[ $key =~ CMK_[[:alpha:]] ]]
then
declare ...
else
echo "Bad key"
fi
此外,请参阅这个。
这篇关于安全的方式来计算的设置环境变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!