Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Introducing prog-exec

In a bid to try and make the sharing and executing BASH scripts safer whilst maintaining convenience, I am going to be introducing automated hash checks and digital signatures. This checking will be handled by your local computer using the new prog-exec script that you will need to install (instructions below). The source code for this is available on Github for all to review and download. Constructive criticism, pull requests, and suggestions for improvements are openly welcomed.

For now there is only automated hash checking (using sha256), and I will now be working on the signed scripts functionality. I have only tested this on my local computer running Ubuntu 16.04 and on a few basic scripts.

Installation

wget https://raw.githubusercontent.com/programster/prog-exec/master/prog-exec \
  && chmod +x prog-exec \
  && sudo mv prog-exec /bin/.

Usage

Once installed to your path, you should be able to execute one-line commands that I (and others) provide such as below to echo out "hello world".

prog-exec "1/1" "23fc5e6d9e13fc267aabd29b06f805e6e93d453923586fc75e590dc178d4f49f"

The key thing is that after the hash check succeeds, but before the script is executed, you are given the opportunity to review the script before confirming whether you wish to proceed with execution (by entering y). If the script fails the hash check or you change your mind, then the script just exits out.

Last updated: 3rd April 2022
First published: 16th August 2018

This blog is created by Stuart Page

I'm a freelance web developer and technology consultant based in Surrey, UK, with over 10 years experience in web development, DevOps, Linux Administration, and IT solutions.

Need support with your infrastructure or web services?

Get in touch