Unix bin path how to!

SSD Update
Best thing you can do with an old computer – update the HD to ssd

Well I finaly coughed up and put an ssd into my pre historic laptop (well worth the trouble I might add)!

I decided to do things from scratch as opposed to a complete clone of my original HD, mainly because over the years I have probably installed more crud than I care to think about!


This is how to add your local bin folder to your path!
I only use this info about once every 3-4 years but hear it is for my own edumacation and may be, just maybe it will be useful to someone else!



cd ~/ <– switch into your home dir
nano .bash_profile  <— create file
then add this line to that file
export PATH=$PATH:~/bin

save close terminal then re launch

Enjoy the contents of you bin!
(you can check that it there by running echo $PATH) or if you have some already executable scripts in your bin you can just try running the scripts from the cli.

Works on Mac os X High Sierra


Terminal escape injection techniques

It’s interesting in that shell scripts (small one’s) seem just like friendly bits of code that you can run. That’s not always the case, it’s probably never a good idea to just download a script and run it (esp using curl or wget). I discovered this very interesting article the other day about terminal escape injection and it works on pretty much every platform – mac, windows linux and even within python!

When in dought use cat -v in fact cat -v may be my new default for viewing code!

https://www.infosecmatter.com/terminal-escape-injection/

Your machine and it’s code

So I’ve been thinking a lot of late about machines, exploits and how to stop this sort of thing. I’ve been in situations where developers have created “stuff” on production machines and then left the company. The problem then becomes interesting if that code does not work with an up dated version of the software say wordpress, drupal or the operating system.

Urban dross

Your then in a situation (if the machine is a web server or open and available on the net) where about the only thing you can do is lock down the firewall and harden the old un patched OS and hope that no one finds a way in / attacks the machine.

It’s always good to have at least 2 people who understand custom code in any company especially if you have a number of web servers to mange. But even then re building something and re creating that functionality is not always easy – and management need to be aware of the fact that this will take time and cost money.


So if that keen shiny developer comes along one day promising you a widget that will sell your own grandmother and only cost you a few hundred bucks worth of con-sultan fees, my advice is to run screaming from the room.

The up shot I’m trying to put to you? Have the ability to own your own code – because if you don’t and if it gets hacked or is found to be vulnerable it’s going to cost you!

A simple approach is best – easier management and long term savings.