I want to secure execution of a program with a password.
How do i do that in bash ?
Thank you
+3
A:
stty_orig=`stty -g` # save original terminal setting.
stty -echo # turn-off echoing.
read passwd # read the password
stty $stty_orig # restore terminal setting.
codaddict
2010-04-16 15:12:35
+1
A:
What exactly do you mean?
A bash script runs with the privileges of the caller. What you want is more likely done by the sudo command.
Andrew J. Brehm
2010-04-16 15:13:16
+2
A:
This read var pwd from stdin (echo disabled):
read -s -p Password: pwd
Jürgen Hötzel
2010-04-16 15:17:34
+3
A:
If you need to grab a passwd to supply as a paramter to a program, then unicorns advice to just turn off the echo is good.
Having a passwd check in the script doesn't work - if the user can execute the bash script they also have permission to read it and see the passwd.
If you want to only allow people with a passwd to run a program then the secure way is to create a new user account that owns the program and have a script that uses 'sudo' to run the program as that user - it will prompt for the users passwd in a secure way.
Martin Beckett
2010-04-16 15:25:06
One might precompute the checksum of the password and store *it* in the script instead of the plaintext and test the checksum of the input against that. It can still be broken, though, but less easily.
Dennis Williamson
2010-04-16 18:11:29
In which case you just simply copy the script to somewhere you have write permission, and remove the check.
Martin Beckett
2010-04-16 18:21:56