Idea #4459: Terminal warnings for dangerous commands



Votes: -58
Written by tomatz the 13 Mar 08 at 09:49. Category: System.
Related to: Nothing/Others. Status: New
Description
Recently on the Ubuntu forums (and elsewhere) people have been posting bad commands to maliciously damage people's systems. There should be a warning in the terminal (which could be switched off in the terminal settings) when these commands are entered, before the command is executed, e.g.

tomatz@Desktop:/usr/bin#rm -r .[^.]*
Bash SECURITY WARNING Do you really want to enter this command? It could damage your system! (Y/N)
n
tomatz@Desktop:/usr/bin#

I really believe this should be implemented as this is obviously a security flaw. Most viruses in Windows require user execution to infect the system, which makes this security flaw not much different.


Comments
tomatz wrote on the 13 Mar 08 at 10:36
Why vote this idea down??? That just doesn't make sense.

zoubidoo wrote on the 13 Mar 08 at 11:39
I'm in favour of:
alias rm='rm -i'
This could be switched on by default if it isn't already.

christopher_lees wrote on the 13 Mar 08 at 11:46
I think that would be very difficult; there are many ways to destroy a person's system besides rm -rf. Moving files to /dev/null is one; catting nonsense data directly to block device files is another, and I'm barely scratching the surface here.

Stopping people from putting in malicious commands is not a software problem - it's a social problem. There's no defence against "social engineering" viruses except education. Malicious commands are just another form of social engineering - asking the user to put in a particular command to get something to work is like asking the user to download and run a program to get a funny video of a hamster.

jeanpaul145 wrote on the 13 Mar 08 at 11:48
Next to the excellent points made by christopher_lees, there is an additional problem: even IF you make rm work interactively (by means of aliasing rm or whatever) you still get the problem of the user who, when frustrated, will just say yes anyway, sometimes even without thinking.

Auzy wrote on the 13 Mar 08 at 11:55
rm -r .[^.]* won't destroy your system unless you are running as root.

OSX suffers the same problem too anyway.

Technically echo > /etc/grub/grub.lst is just as bad.

Maybe the best thing to do would be to specifically echo something to the user when they open the terminal about the risks, and how people should never run commands they aren't sure of. So I agree, +1, but a better way would be to present a warning first, not start changing commands' behaviors (if you change the behavior of rm, for instance, you may break many shell scripts which run rm in the background while doing other stuff in the foreground, or any shell script really).

Auzy wrote on the 13 Mar 08 at 11:58
So in summary, I +1, but I think it should be one explicit warning when loading bash not to run commands you don't understand.

Even better, make a site that can break the command down, and explain the components, so that if you do cat > bbbb; sudo rm -rf /, users can see the risks themselves, and know what the commands are capable of.

And make it easy for users to access.

edcrypt wrote on the 13 Mar 08 at 12:03
While there are many ways to shoot yourself in the foot in a *nix shell, the "alias rm='rm -i'" idea is not bad anyway.

pturing wrote on the 13 Mar 08 at 13:33

Beware the siren call of rm -i.

Red Hat added this, and now can never change it back. I believe this was a significant mistake.

One of the scarier things I've seen beginning users doing is to run
rm *
when they want to delete 1 or 2 files. Technically, this works on systems that use rm -i, but those users are going to lose a lot of data when they go to a different system.


pturing wrote on the 13 Mar 08 at 13:44

People doing this sort of thing would only have to come up with a different command. You can't block all such commands.

Also, the whole point of the shell is it does what you tell it to do. The best way to ruin it would be to have it second guess you all the time.

http://youtube.com/watch?v=_n4mdcXa8B0

DonQuichote wrote on the 13 Mar 08 at 13:58
One of the real problems with rm -i as I know it (on Gentoo servers, but I do not know if the admins did that or if it is a Gentoo default), is that you get used to the safety as a normal user, but that extra safety is not there when you need it most: when you are running as root.

If you type rm -rf .* as a normal user, you are asked for each file.
If you run that as root, you end up with "a lot of extra disk space". No questions asked.

zoubidoo wrote on the 13 Mar 08 at 14:54
Hmm, how about a "safe" shell for less experienced users that lets them do admin but has a database of filters for the nasties?

I quite agree with christopher_lees, it is a social problem, but so long as novices are having to delve into the command line it'll be a risk. And I don't see that changing just yet.

sourcejedi wrote on the 13 Mar 08 at 15:27
You can't make the commandline "safe" in general. I see the problem though.

One way to help combat this would be to remind newbies to check documentation to see what a command is. If they've been told to run this command to "install compiz" (:-), and they can look at the man page and find that the rm command deletes files, that would help. (This would be more friendly than just saying they should learn all the basic commands first).

W.r.t. a safe shell: I think the appropriate place for the filter database would be on the Ubuntu forums. It needn't censor them, just highlight them in red+underline and have a tooltip which says

WARNING: THIS COMMAND COULD DAMAGE YOUR SYSTEM. IF YOU ARE NOT SURE WHAT IT DOES, OR YOU DO NOT TRUST THE POSTER, THEN DO NOT RUN IT.

Data83 wrote on the 13 Mar 08 at 18:01
I voted -1
Think about it: when do you use a shell? If you use it, you should know what you are doing. Even with the shell you cannot do worse things than in Nautilus unless you use "sudo".
And, really: If you use "sudo" you have to know exactly what you are doing. You are even asked for your password before the command is executed...
So, please, we do not need another "security"-warning, that asks if I really want to do what I am doing.
It's not like you enter a command by accident, like you could press a button in a gui unintentionally...

zooounds wrote on the 13 Mar 08 at 19:01
You can't protect the user from everything.

-1

alvevind wrote on the 13 Mar 08 at 19:10
The users that do not know what they are doing on the commandline should not use it.

If there are tasks regular users routinely need to do via the command line, there should be a GUI tool created to perform that specific task in a more secure and user-friendly way.

If you have no desire to become an advanced user you should not need to use advanced and potentially dangerous tools like the command line.

Eldmannen wrote on the 13 Mar 08 at 20:29
You cannot cure stupidity.

zedtux wrote on the 14 Mar 08 at 06:52
alvevind said "The users that do not know what they are doing on the commandline should not use it."

Yes, should, but if he has a problem ... he must solve it...
And, in this case, he tries anything to solve it.

The good solution for me is to have a complete Wiki to help users ... but it's impossible to have a complete Wiki...

Me, I've voted +1 on this idea.
I agree with christopher_lees, and so, if I vote +1 it's just because it's possible to show the warning for some dangerous commands (because, as everyone said, it's impossible to filter every command line).

steve196 wrote on the 25 Mar 08 at 02:08
One thing that could be done is to never substitute the "." and ".." directories for whatever expression, no matter if it matches.

saivann (Moderator) wrote on the 9 Jul 08 at 17:06
Terminal HAS to respect these commands. We can't modify bash or sh behavior since it would break a lot of existing scripts and else.

However, I believe that gnome-terminal, for example, can become interactive and detect dangerous commands before sending them to bash. This is, IMO, extremely important since most Ubuntu users will type commands without knowing how these commands work.

For advanced users, this option could be disabled in gnome-terminal preferences.

The same could apply to KDE terminal.
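
A sketch of the pre-execution check discussed in this thread, as an added example that is not part of any comment and not gnome-terminal or bash code. The rule list and the function names `check_command` and `confirm_command` are assumptions; the patterns are built only from commands quoted in the comments above.

```shell
#!/bin/sh
# Added example: match a typed line against a small rule list before it is
# handed to the shell. Rules are "reason :: extended regex", one per line,
# constructed from the commands quoted in this thread (hypothetical list).
RULES='recursive delete :: (^|[;&|[:space:]])rm[[:space:]]+(-[^[:space:]]*[[:space:]]+)*-[^[:space:]-]*[rR]
overwrites system file or disk :: >[[:space:]]*/(etc|boot|dev/[sh]d)
moves data to /dev/null :: (^|[;&|[:space:]])mv[[:space:]].*[[:space:]]/dev/null([[:space:];&|]|$)'

# Print the matching reason and return 0; return 1 if no rule matches.
check_command() {
  line=$1
  while IFS= read -r rule; do
    reason=${rule%% :: *}   # text before the delimiter
    regex=${rule#* :: }     # text after the delimiter
    if printf '%s\n' "$line" | grep -Eq -e "$regex"; then
      printf '%s\n' "$reason"
      return 0
    fi
  done <<EOF
$RULES
EOF
  return 1
}

# Return 0 if the line may be forwarded to the shell, 1 if the user declined.
# Only flagged lines prompt; the answer is read from standard input.
confirm_command() {
  if reason=$(check_command "$1"); then
    printf 'SECURITY WARNING (%s): run "%s"? (Y/N) ' "$reason" "$1" >&2
    IFS= read -r answer || return 1
    case $answer in [Yy]*) return 0 ;; *) return 1 ;; esac
  fi
  return 0
}

# Constructed sample input: two commands from the thread and one benign one.
for cmd in 'rm -r .[^.]*' 'echo > /etc/grub/grub.lst' 'rm -i notes.txt'; do
  if why=$(check_command "$cmd"); then
    echo "WARN ($why): $cmd"
  else
    echo "ok: $cmd"
  fi
done
```

Because the check runs on the typed line and not inside `rm` or bash, existing scripts are unaffected. As several commenters point out, a pattern list only catches the spellings it knows about, so it works as a prompt for the user, not as a control.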

Endolith wrote on the 22 Aug 08 at 13:51
"You can take my arcane, confusing, dangerous terminal when you pry it out of my cold dead hands!"

