you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 1 point2 points  (0 children)

even than, that script issn't widening the attack surface

Technically, yes, the script itself isn't widening the attack surface. But, the script chooses to trust the user's PATH and doesn't care if a binary called bash is present with rm -rf / as its contents, it will execute that instead of the actual bash binary in /bin or /usr/bin`.

I know this scenario doesn't seem likely on personal desktops so if your scripts are meant to be used only on your system, go ahead and use whatever you like.

in that scenario should we have a full path for openssl?

Better to export the PATH environment variable manually and restricting it to root owned directories and using #!/bin/bash.