  1. #1
    Just Joined!
    Join Date
    May 2007
    Posts
    0

    Executable Shell - Ideas Wanted

    Hi

    I am looking for feedback and ideas for improvement about a simple but (I feel) important project of mine - Executable Shell, or esh.

    I condensed what I learned and did so far on this page: Executable Shell Please take a look. An excerpt:
    Regular Linux users are not able to download a program from the web and run it. They can if they have the most basic knowledge of what a terminal is, but most people don't and never will (nor, I believe, should they need to). This is the problem Executable Shell (esh) is trying to solve.
    I would like to hear from you even if you think the idea is terrible. I'm pretty convinced at this point that it would bring a lot of benefits without introducing any security risks, but feel free to argue otherwise and I will try to address your concerns on the webpage.

    Ultimately I would like to see all the distributions and file managers support esh.

    Thanks for your time.

  2. #2
    Linux Engineer rcgreen's Avatar
    Join Date
    May 2006
    Location
    the hills
    Posts
    1,112
    One good thing about it is that it would make
    it easier for me to become famous as a 1337 HaX0r.
    I could write the first really successful virus to
    infect Linux. Seriously, BAAAAAAD idea. Goes against
    the fundamental source of Linux security. Never
    trust a remote host to download and run executables
    on your system without your active consent.
    We should learn from the ActiveX fiasco.

  3. #3
    Just Joined!
    Join Date
    May 2007
    Posts
    0
    What do you mean without active consent? Surely clicking the 'i trust this program' button in a dialog qualifies?

    And there are plenty of other ways to spread viruses. You can be just as 1337 a HaX0r by making an autopackage, which can be used just as easily for malicious purposes but is less flexible for good purposes.

  4. #4
    Linux Guru budman7's Avatar
    Join Date
    Oct 2004
    Location
    Knee deep in Grand Rapids, Michigan
    Posts
    3,242
    Actually, people can download a package and run it.
    For instance, in Gentoo. I do

    emerge package

    Package gets downloaded with dependencies and installed.

    And as I can trust the package maintainers to not put a virus in there, I feel quite safe in doing that.
    How to know if you are a geek.
    when you respond to "get a life!" with "what's the URL?"
    - Birger

    New users read The FAQ

  5. #5
    Linux Enthusiast minthaka's Avatar
    Join Date
    May 2006
    Location
    Mol, Vojvodina
    Posts
    556

    Mig21 - Are you the author of ISOMaster ?

    If you are, I would like to give you warm thanks for the job done. This is a brilliant application.
    If you need a CD/DVD cataloguer, give my program a try:
    http://www.kde-apps.org/content/show...content=100682
    Linux User #430188

  6. #6
    Linux Engineer rcgreen's Avatar
    Join Date
    May 2006
    Location
    the hills
    Posts
    1,112
    Quote: Surely clicking the 'i trust this program' button in a dialog qualifies?
    The link will not always say "I trust this program". Sometimes it will
    say "check out these great nude pics"

    As an eye opener, Google some typical porn words and start
    randomly clicking links. I did this (on Linux) and encountered
    dialog boxes saying "you have chosen to download whatever.EXE",
    OK? CANCEL... In the Microsoft OS, you would already be
    infected because there would be no dialog for confirmation.

    This is stupid design. If the other OS wants to be that way,
    it's their choice. I chose Linux because it doesn't do that
    sort of stuff. Downloading and installing software is as
    easy as typing "apt-get install whatever". It is secure because
    I know what repositories are in my sources.list.

  7. #7
    Just Joined!
    Join Date
    May 2007
    Posts
    0
    Quote: Originally Posted by minthaka
    If you are, I would like to give you warm thanks for the job done. This is a brilliant application.
    thanks

    Quote: Surely clicking the 'i trust this program' button in a dialog qualifies?
    Quote: The link will not always say "I trust this program". Sometimes it will
    say "check out these great nude pics"
    Oh, no - you misunderstood. Let me try to explain better:

    1. you download a program, let's call it evilvirus.sh
    2. you double-click on it in a file manager
    3. the file manager runs /usr/bin/esh evilvirus.sh
    4. esh shows the user the dialog in the screenshot

    The downloaded program doesn't (cannot) have any effect on the 'do you trust this program' message, because that comes from a different program that was installed on the system already.

    Does that make more sense?

  8. #8
    Linux Enthusiast
    Join Date
    Jun 2005
    Location
    The Hot Humid South
    Posts
    602
    Quote: Originally Posted by Mig21
    1. you download a program, let's call it evilvirus.sh
    2. you double-click on it in a file manager
    3. the file manager runs /usr/bin/esh evilvirus.sh
    4. esh shows the user the dialog in the screenshot
    Sounds like more work than required! If the file manager wanted this to be the desired effect why does it implement this itself? I mean, it would still have to call /usr/bin/esh, so why not ask the user if it trusts this program then run /bin/sh itself? Seems to me like the approach you're taking is a little unnecessary.
    "Today you are freer than ever to do what you want, provided you can pay for it!" --Bad Religion

  9. #9
    Linux Guru
    Join Date
    Nov 2004
    Posts
    6,110
    This already exists in many distros. I see it in SUSE, I used to see it in Knoppix and several other distros. The reason you run it in a terminal is because you want to pass options to it and see the outcome.

    If you want to install something directly you use a package manager. If you want to do something directly in the browser try looking at YaST Metapackage Handler and the more basic application of this principle such as gDebi.

  10. #10
    Just Joined!
    Join Date
    May 2007
    Posts
    0
    Quote: Sounds like more work than required! If the file manager wanted this to be the desired effect why does it implement this itself?
    esh would practically be part of the file manager. In fact I would expect and encourage Qt-based file managers to have a different (Qt-based) version.

    Quote: I mean, it would still have to call /usr/bin/esh, so why not ask the user if it trusts this program then run /bin/sh itself?
    That's kind of the whole point. If file managers did this already, there would be absolutely no reason for esh.

    Quote: This already exists in many distros. I see it in SUSE, I used to see it in Knoppix and several other distros.
    Are you sure? I think the dialog you're talking about comes up only if the file already has +x permissions, and will not work for a file with default rw-r--r-- permissions.
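
The flow described in post #7 and the permission point raised in post #10, as an added sketch (not esh's actual code and not written by any poster in this thread): the confirmation text is produced only by the installed launcher, and the one field the download can influence, its file name, is sanitized before display. The function names, and the assumption that the dialog shows the file name and the executable bit, are hypothetical.

```shell
#!/usr/bin/env bash
# Hypothetical trusted-launcher sketch; all function names are illustrative.

# Reduce the file name to a conservative character set so it cannot inject
# newlines, spaces or terminal escapes that add fake lines to the prompt.
safe_name() {
    local base=${1##*/}
    printf '%s' "$base" | LC_ALL=C tr -c 'A-Za-z0-9._-' '?'
}

# Every word of the prompt is fixed launcher text except the sanitized name
# and whether the file already carries an execute bit.
build_prompt() {
    local file=$1 xbit="not marked executable"
    [ -x "$file" ] && xbit="already marked executable"
    printf 'Run the program "%s"?\nFile is %s.\nOnly continue if you trust its source.\n' \
        "$(safe_name "$file")" "$xbit"
}

# Default is to decline: only a literal "yes" on a regular, non-symlink file runs.
esh_decide() {
    local file=$1 answer=$2
    if [ ! -f "$file" ] || [ -L "$file" ]; then echo refuse; return 0; fi
    if [ "$answer" = yes ]; then echo run; else echo decline; fi
}

# Run through /bin/sh without changing permissions; the ./ prefix stops a
# relative name starting with "-" from being parsed as a shell option.
esh_launch() {
    local file=$1
    [ "$(esh_decide "$file" "$2")" = run ] || return 1
    case $file in /*) ;; *) file=./$file ;; esac
    /bin/sh "$file"
}

# Stand-alone use: ./launcher.sh downloaded-file
if [ "$#" -eq 1 ]; then
    build_prompt "$1"
    printf 'Type yes to run: '
    read -r answer
    esh_launch "$1" "$answer"
fi
```
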
