perl -> ssh?

[John Evans]

On Mon, 10 Sep 2001, Robert L. Harris wrote:

>   I'm working on a script and in the pre-planning process hit some walls.
> I can do a "ssh $host cat /etc/hosts" and read the input into an array.  I
> then want to modify the array and write /etc/hosts back out on $host.
>
>   What's a good way to do this?
>
> print @Array `ssh host > /etc/hosts` doesn't seem a good idea or to work
> for that matter.

If you have ssh, then you most likely have scp as well. I would read the
file, make your changes, save file to a temp spot (in a place other than
/tmp) and then scp the file to the server. Make sure that the tmp file
that you create is NOT world writeable. If it is, then you end up with a
nasty race condition:

1) You write file.
2) Hacker makes changes to file (or copies his own file in place)
3) You scp the file out to the server.
4) Hacker now has what he wants on the server.

Granted, modifying the hosts file is not the most dasterdly thing that a
hacker can do, but it's definately not a good thing since they can change
your loghost and start stealing your logs, which they can then use that
ability to cover their tracks for future hack attempts.

-- 
John Evans
http://evansj.kilnar.com/

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS d- s++:- a- C+++>++++ ULSB++++$ P+++$ L++++$
E--- W++ N+ o? K? w O- M V PS+ !PE Y+ PGP t(--) 5-- X++(+++)
R+++ tv+ b+++(++++) DI+++ D++>+++ G+ e h--- r+++ y+++
------END GEEK CODE BLOCK------