Introducing prog-exec

In a bid to try and make the sharing and executing BASH scripts safer whilst maintaining convenience, I am going to be introducing automated hash checks and digital signatures. This checking will be handled by your local computer using the new prog-exec script that you will need to install (instructions below). The source code for this is available on Github for all to review and download. Constructive criticism, pull requests, and suggestions for improvements are openly welcomed.

For now there is only automated hash checking (using sha256), and I will now be working on the signed scripts functionality. I have only tested this on my local computer running Ubuntu 16.04 and on a few basic scripts.


Navigate to a folder in your $PATH (or create a folder and add it to your path). Then download the script and mark it executable with:

chmod +x prog-exec

For example:

cd /bin
sudo wget
sudo chmod +x prog-exec


Once installed to your path, you should be able to execute one-line commands that I (and others) provide such as below to echo out "hello world".

prog-exec "1/1" "23fc5e6d9e13fc267aabd29b06f805e6e93d453923586fc75e590dc178d4f49f"

The key thing is that after the hash check succeeds, but before the script is executed, you are given the opportunity to review the script before confirming whether you wish to proceed with execution (by entering y). If the script fails the hash check or you change your mind, then the script just exits out.



Stuart is a software developer with a passion for Linux and open source projects.

comments powered by Disqus