0
0
Bash Scriptingscripting~5 mins

Script security best practices in Bash Scripting - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
Why should you avoid running scripts as the root user unless absolutely necessary?
Running scripts as root can cause serious damage if the script has errors or is malicious. It can change or delete important system files. Always use the least privilege needed to reduce risk.
Click to reveal answer
beginner
What is the purpose of using 'set -e' at the start of a bash script?
'set -e' makes the script stop immediately if any command fails. This helps prevent the script from continuing in a broken state, which can cause security or data problems.
Click to reveal answer
intermediate
How can you protect sensitive data like passwords in your scripts?
Avoid hardcoding passwords in scripts. Use environment variables, encrypted files, or secure vaults. Also, restrict script file permissions so only trusted users can read them.
Click to reveal answer
intermediate
Why should you validate all user inputs in scripts?
Validating inputs prevents injection attacks and unexpected behavior. It ensures the script only processes safe and expected data, reducing security risks.
Click to reveal answer
advanced
What is the risk of using 'eval' in bash scripts, and how can you avoid it?
'eval' executes strings as commands, which can be dangerous if the string contains malicious code. Avoid using 'eval' or sanitize inputs carefully before using it.
Click to reveal answer
What does 'chmod 700 script.sh' do to the script file?
AAllows everyone to read and execute the script
BAllows only the owner to read, write, and execute the script
CMakes the script read-only for everyone
DRemoves all permissions from the script
Which of these is a good practice to avoid exposing passwords in scripts?
AStore passwords in environment variables
BHardcode passwords directly in the script
CPrint passwords to the console
DShare passwords in comments
What is the main reason to validate user input in scripts?
ATo increase script size
BTo make the script run faster
CTo prevent injection attacks and errors
DTo allow any input without restrictions
What does the 'set -u' option do in a bash script?
ADisables error checking
BIgnores unset variables
CPrints all commands before executing
DTreats unset variables as an error and exits
Why is it risky to use 'eval' with user input in bash scripts?
AIt can execute malicious commands
BIt makes the script shorter
CIt slows down the script
DIt prevents errors
Explain three best practices to keep bash scripts secure.
Think about permissions, input safety, and secrets.
You got /3 concepts.
    Describe why 'set -e' and 'set -u' are useful in secure bash scripting.
    Consider how these options help prevent unexpected script behavior.
    You got /3 concepts.