Executable Shell - Ideas Wanted

[bigtomrodney]

No that's not the case - any text file containing a shabang will prompt this.

Think about it there for a minute - a file extension doesn't define a file and nor should it. The only reason Windows users follow that is because there are years of legacy to carry. However Unix systems look at the actual file header. Ever wondered why so many files without extensions are recognised as their various types? It's not because of their extension...try renaming a movie file or mp3 to something without an extension - it will still work.

On the file permissions point I am of the opinion that execution rights should only be granted when necessary. I'm not concerned with what people are used to, the lack of security and constant virus threat in the Windows world is in a large part related to a lack of understanding on the user's end. Blind execution and direct execution from the web have caused immeasurable damage over the years. Setting executable in *nix is a simple matter of right click and go to properties. No terminal needed.

[Mig21]

No that's not the case - any text file containing a shabang will prompt this.

I just tried in Nautilus in Suse 10.3, the script opens in a text editor if it doesn't have execute permissions. Could you please give me step-by-step instructions? Cause if your're right, then there is no need for esh, and that would be great news.

Think about it there for a minute - a file extension doesn't define a file and nor should it. The only reason Windows users follow that is because there are years of legacy to carry. However Unix systems look at the actual file header. Ever wondered why so many files without extensions are recognised as their various types? It's not because of their extension...try renaming a movie file or mp3 to something without an extension - it will still work.

Yeah, I know - most file managers decide the file type by the mime type and not the extension. That's fine.

On the file permissions point I am of the opinion that execution rights should only be granted when necessary.

I agree.

I'm not concerned with what people are used to, the lack of security and constant virus threat in the Windows world is in a large part related to a lack of understanding on the user's end.

I think that's also true.

Blind execution and direct execution from the web have caused immeasurable damage over the years.

Yeah.

But I don't see how all that applies to esh. It does not set the execute permission. It simply automates opening a terminal and running the program from there. Which it seems, if I'm not confused about what you're saying, is actually better than changing the permission on the file to have +x? I don't think it makes much difference in terms of security as long as the user is allowed to run interpreters like bash, perl and python - every interpreter will accept bad commands just as easily as good commands.

[bigtomrodney]

At this point I'd just like to say I'm not attacking your idea and certainly not your motivation to work on this. I'm just questioning why such a thing would be needed.The Unix execute permission exists for a reason as we've agreed. The problem I have with this is that a file would be executed automatically. What if it is a dummy link? You may say well the end user may want to execute something but in this day and age many end users suffer from confirm-fatigue where they will just click yes because a dialogue appears.

Packages and scripts should be handled by a package manager or by someone who is consciously working manually. I know I would much prefer a situation where there is a layer of abstraction there that forces a proactive choice to run rather than a reactive one.

On the other hand, systems like YMP make a lot of sense for new users. They walk you through, they require several confimations and provide as much information as possible. Also they are tied in with the package management system which is not the case with script installers. Remember if you're running a script to install something you need to have a script handy to remove it too - if you don't know how to work around this you'd be better off in a world where execute permissions are set manually.

[Freston]

Can't you keep it out of user permissions somehow? To run scripts with world permission files (the - - xrw part) , if the script doesn't run under my name it would have to be pretty elaborate to break through the permission system. And we'd be seeing a _proper_ virus for a change LOL

[Mig21]

bigtomrodney: don't worry - I'm not looking for a fight your feedback is appreciated.

Freston: I'm not sure what you mean. I don't want esh to fiddle with permissions - they are there for a reason, and they're fine the way they are. All I want is to make the terminal, or knowledge about permissions, unnecessary for running a shell script.