Hacker Read

keldaris · 2017-05-15 07:47:08

I am, and I actively recommend it to anyone sufficiently well educated that they could (and would) go through the contents of the script manually and verify its contents. I don't do anything additional that could be automated in a general fashion, but my own scripts (partly based on Tron) include custom things specific to my setup - adjusting router/firewall settings, interacting with my automated backups, etc.

swiley | karma 10155 | avg karma 1.92 · | 2019-10-23 22:31:02

Yeah, I can pull the script down and have something that I know works.

It’s not a security thing, I don’t trust the business people to avoid changing things in a breaking way.

reply

gitarr | karma 647 | avg karma 6.54 · | 2011-06-24 07:43:26+00:00

Yes, just "script kiddies" with automated tools.

borski | karma 5951 | avg karma 3.39 · | 2014-02-07 21:19:02

We're totally OK with you using the script. :) Most people, especially those just looking for a way to be secure without knowing anything about the command line, was whom this tool was built for. Glad you liked it!

noisy_boy | karma 4816 | avg karma 2.79 · | 2022-04-17 03:21:21

Sure - I'll be happy to show you the scores of scripts I have written to do every tasks like switch pipewire audio sinks, wrapper to youtube-dl, generate/copy rsa token, convert/combine images to pdf etc that were written in the sliver of time afforded to me after I'm done family and kids. Those scripts in no way represent the code I get paid to write in my job but if you find that to be an an issue, then you have found the flaw in your method.

kandjidev | karma 4 | avg karma 1.33 · | 2022-10-04 09:00:59

Do you also verify each line of the software that the script is installing?

flemhans | karma 756 | avg karma 1.54 · | 2021-05-29 22:48:18

Scripts require manual review. It's not automated

efficax | karma 1832 | avg karma 2.98 · | 2022-12-08 14:57:08

eh it's fine. sure, technically speaking you're giving your machine over to whoever wrote that script. they could do anything! but actually, the script is usually useful and safe. Like this one.

yq | karma 210 | avg karma 3.5 · | 2016-01-28 15:35:50

I am not connect to Tronscript in anyway.

It is simply a great automatic tool that really clean up a lot of problem.

reply

pm2222 | karma 154 | avg karma 0.76 · | 2023-01-19 07:42:38

I wouldn’t let script take over steps 234678.

Firewall rule management is where automation can shine.

reply

rurounijones | karma 4148 | avg karma 3.49 · | 2013-04-09 00:25:29+00:00

When you say "a script" what do you mean? A script that configures a server incorrectly to let you see the kind of things you can do?

bartl | karma 586 | avg karma 1.79 · | 2011-03-31 07:27:31

Yes I do. For example, I have a little script to install Drupal modules, which is nothing more than downloading the tarball from the Drupal website, and untarring it in the proper directory.

Likewise, I've got scripts to extract strings to translate (with gettext()) using xgettext from various project directories, and merging it with older, already existing translations; and for installing edited translations afterwards (with msgfmt).

I also have a script to upload files that were changed locally to a remote server.

No, it didn't take me 2 weeks to code them.

Most of the time I just do the task once, and store the commands in a file. Next I edit that file replacing values with script arguments. Tada! Instant script. For lists of values that depend on the project, I create presets (one argument determines what set of values to use).

reply

anw | karma 1309 | avg karma 6.89 · | 2014-12-19 05:38:45+00:00

No problem. I feel it's good to automate stupid little things like this, and to share those stupid little scripts with the world.

And yes, I'm an automated tester. :)

reply

ASalazarMX | karma 5809 | avg karma 1.97 · | 2019-07-07 12:22:44

Get out, that script is huge. I could install small convenience scripts that I can audit, but this monster is 3K+ lines. Too risky.

ivan_ah | karma 5076 | avg karma 2.86 · | 2018-06-09 13:00:48+00:00

Not necessarily. If the script is documented and written cleanly (e.g Fabric3 which has very little magic, and reads almost like Bash), then in can server as "runnable documentation". In this case automation could be really good for continuity and busfactor.

But yeah... got to put some effort into it. Like all docs, script-docs worn't write themselves.

reply

fjfbsufhdvfy | karma 132 | avg karma 1.83 · | 2022-09-16 06:38:23

I'm curious what's the alternative if the script must have those credentials to do its job.

elzbardico | karma 4938 | avg karma 2.53 · | 2024-04-29 18:59:39

Well, you're going to run the thing the script downloaded with exactly the same user and privileges as the script you're running. Unless you're doing a full audit on all the code and not only a cursory look on the installation script, this looks to me more like security theatre.

vorticalbox | karma 1290 | avg karma 1.73 · | 2021-09-23 11:27:56

I did do this with no script and just allow websites I trust but it is a massive chore to keep everything working that I've given up

norir | karma 614 | avg karma 2.54 · | 2023-07-05 17:42:34

This is a great trick, but no one should ever run someone else's script that does this unless they have verified the script line by line beforehand.

Waterluvian | karma 45068 | avg karma 5.19 · | 2023-09-26 18:51:18

Surely these are the same kinds of people who will carefully review all scripts before running them, right?