巴什 - 隐藏命令(从坏的操作preventing) [英] Bash - Hiding command (preventing from bad manipulations)
问题描述
我在想,如果他们是一个方法来prevent在为了执行从坏的操控prevent有时一些命令(为例执行RM *。 PY 当你想要执行RM *。 PYC 或类似的东西)。
I was wondering if they was a way to prevent some commands from being executed in order to prevent from bad manipulation sometimes (for exemple you execute "rm *.py" when you wanted to execute "rm *.pyc" or something like that).
人们会说,这是用户的responsability检查他的投入和它是正确的,但我想无论如何要知道,如果有一种方法。
People will say that it's the user's responsability to check his inputs and it's right but I would like to know anyway if there's a way.
有关基本的东西,我们可以在我们的.bashrc像使用别名:
For "basic" things, we can use aliases in our bashrc like :
alias apt-get="echo 'We use aptitude here !'"
alias sl="echo 'Did you mean ls ?'"
但对于一些与参数,像RM -f *的.py(或室射频/),这简单的一招不起作用。
当然,我只是希望那个prevent确切要执行的命令(同一空间和相同的参数排序将是一个良好的开端)的一个基本方法。
But for something with arguments like "rm -f *.py" (or "rm -Rf /"), this simple trick don't work. Of course, I just want a basic method that prevent the exact command to be executed (same spaces and same arguments ordering would be a good start).
非常感谢你对你的答案。
Thank you very much for your answers.
推荐答案
好了,你可以用把自己的路径组件之一,在所有其他人面前的由来已久的做法:
Well, you can use the time-honoured approach of putting one of your own path components in front of all the others:
PATH=~/safebin:$PATH
,然后在〜/ safebin
,你把那些更安全像 RM
脚本:
and then, in ~/safebin
, you put scripts that are "safer" like rm
:
#!/bin/bash
for fspec in "$@" ; do
if [[ "${fspec: -3}" = ".py" ]] ; then
echo Not removing ${fspec}, use /bin/rm if you really want to.
else
echo Would /bin/rm "${fspec}" but for paranoia.
fi
done
为 RM *
该脚本输出:
Would /bin/rm chk.sh but for paranoia.
Would /bin/rm go but for paranoia.
Would /bin/rm go.sh but for paranoia.
Would /bin/rm images but for paranoia.
Would /bin/rm images_renamed but for paranoia.
Would /bin/rm infile.txt but for paranoia.
Would /bin/rm jonesforth.S but for paranoia.
Would /bin/rm jonesforth.f but for paranoia.
Would /bin/rm mycode.f but for paranoia.
Would /bin/rm num1.txt but for paranoia.
Would /bin/rm num2 but for paranoia.
Would /bin/rm num2.txt but for paranoia.
Would /bin/rm proc.pl but for paranoia.
Would /bin/rm qq but for paranoia.
Would /bin/rm qq.c but for paranoia.
Would /bin/rm qq.cpp but for paranoia.
Would /bin/rm qq.in but for paranoia.
Not removing qq.py, use /bin/rm if you really want to.
Would /bin/rm qq.rb but for paranoia.
Would /bin/rm qq.s but for paranoia.
Would /bin/rm qq1 but for paranoia.
Would /bin/rm qq2 but for paranoia.
Would /bin/rm qqq but for paranoia.
Would /bin/rm rm but for paranoia.
Would /bin/rm source.f90 but for paranoia.
Would /bin/rm test.txt but for paranoia.
Would /bin/rm xx but for paranoia.
Not removing xx.py, use /bin/rm if you really want to.
现在显然$ {fspec:-3}=。py为
是一个简单的一年黑名单。我可能会preFER有事情,我被允许删除,并拒绝一切白名单。
Now obviously the "${fspec: -3}" = ".py"
is a simplistic one and a black list. I'd probably prefer to have a white list of things I was allowed to delete and deny everything else.
和这里的基于正则前pressions白名单的版本:
And here's a white list version based on regular expressions:
#!/bin/bash
for fspec in "$@" ; do
del=0
if [[ ! -z "$(echo "${fspec}" | grep 'a.e')" ]] ; then
del=1
fi
if [[ ! -z "$(echo "${fspec}" | grep '\.[Ss]$')" ]] ; then
del=1
fi
if [[ ${del} -ne 1 ]] ; then
echo "Not removing ${fspec}, use /bin/rm if you want."
else
echo " Removing ${fspec}"
#/bin/rm "${fspec}
fi
done
它输出:
Not removing chk.sh, use /bin/rm if you want.
Not removing go, use /bin/rm if you want.
Not removing go.sh, use /bin/rm if you want.
Removing images
Removing images_renamed
Not removing infile.txt, use /bin/rm if you want.
Removing jonesforth.S
Not removing jonesforth.f, use /bin/rm if you want.
Not removing mycode.f, use /bin/rm if you want.
Not removing num1.txt, use /bin/rm if you want.
Not removing num2, use /bin/rm if you want.
Not removing num2.txt, use /bin/rm if you want.
Not removing proc.pl, use /bin/rm if you want.
Not removing qq, use /bin/rm if you want.
Not removing qq.c, use /bin/rm if you want.
Not removing qq.cpp, use /bin/rm if you want.
Not removing qq.in, use /bin/rm if you want.
Not removing qq.py, use /bin/rm if you want.
Not removing qq.rb, use /bin/rm if you want.
Removing qq.s
Not removing qq1, use /bin/rm if you want.
Not removing qq2, use /bin/rm if you want.
Not removing qqq, use /bin/rm if you want.
Not removing rm, use /bin/rm if you want.
Not removing source.f90, use /bin/rm if you want.
Not removing test.txt, use /bin/rm if you want.
Not removing xx, use /bin/rm if you want.
Not removing xx.py, use /bin/rm if you want.
这篇关于巴什 - 隐藏命令(从坏的操作preventing)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!