build-image icon indicating copy to clipboard operation
build-image copied to clipboard

Published 20 hours ago verified publisher icon netlify

syntax: bash launcher script hardening

Open hraban opened this issue 4 years ago • 0 comments

Apply various hardening idioms to the default Bash launcher script:

  • quote all variables
  • quote all path names
  • explicit error message on wrong usage
  • use exec for the "wrapped" command
  • use common hardening flags (this one is not technically useful in this script as it is, but it's a good idea anyway, in case it is ever modified with a statement that could benefit from it)
  • use /usr/bin/env

hraban avatar Mar 25 '21 23:03 hraban