Asp Forum - bang is not work!!

Kyung won Cheon

2/18/2009 12:59:00 AM

OS is CentOs 4.7

$ ruby -v
ruby 1.8.7 (2008-08-11 patchlevel 72) [i686-linux]

$ cat ruby_test
#!/usr/local/bin/ruby

puts 'hello'

$ ls -l
-rwxr-xr-x 1 gmc gmc 94 2ì?? 17 19:11 ruby_test

$ ruby_test
-bash: ruby_test: command not found

################
# Why ???
# Help Me!!
################
--
Posted via http://www.ruby-....

8 Answers

Joel VanderWerf

2/18/2009 1:08:00 AM

Kyung won Cheon wrote:
> OS is CentOs 4.7
>
> $ ruby -v
> ruby 1.8.7 (2008-08-11 patchlevel 72) [i686-linux]
>
> $ cat ruby_test
> #!/usr/local/bin/ruby
>
> puts 'hello'
>
> $ ls -l
> -rwxr-xr-x 1 gmc gmc 94 2ì?? 17 19:11 ruby_test
>
> $ ruby_test
> -bash: ruby_test: command not found
>
> ################
> # Why ???
> # Help Me!!
> ################

What's the output of

$ which ruby

What happens with:

$ ./ruby_test

and

$ ruby ruby-test

--
vjoel : Joel VanderWerf : path berkeley edu : 510 665 3407

Tim Greer

2/18/2009 1:40:00 AM

Kyung won Cheon wrote:

> OS is CentOs 4.7
>
> $ ruby -v
> ruby 1.8.7 (2008-08-11 patchlevel 72) [i686-linux]
>
> $ cat ruby_test
> #!/usr/local/bin/ruby
>
> puts 'hello'
>
> $ ls -l
> -rwxr-xr-x 1 gmc gmc 94 2ì?? 17 19:11 ruby_test
>
> $ ruby_test
> -bash: ruby_test: command not found

That's normal. Instead of typing "script_name", type "./script_name".
Unless you alias or move ruby_test to somewhere in your exec path, that
is (and you probably don't want that).
--
Tim Greer, CEO/Founder/CTO, BurlyHost.com, Inc.
Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers
and Custom Hosting. 24/7 support, 30 day guarantee, secure servers.
Industry's most experienced staff! -- Web Hosting With Muscle!

Bertram Scharpf

2/18/2009 2:56:00 AM

Hi,

Am Mittwoch, 18. Feb 2009, 09:59:29 +0900 schrieb Kyung won Cheon:
> OS is CentOs 4.7
>
> $ cat ruby_test
> #!/usr/local/bin/ruby
> [...]
> $ ruby_test
> -bash: ruby_test: command not found

This is a security feature of your OS/distribution and not about
Ruby.

Suppose you say something like

$ export PATH=.:"$PATH"

and the intruder would place a script named "ls" in the current
directory...

Bertram

--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-...

7stud --

2/18/2009 6:19:00 AM

Bertram Scharpf wrote:
>
> This is a security feature of your OS/distribution and not about
> Ruby.
>
> Suppose you say something like
>
> $ export PATH=.:"$PATH"
>
> and the intruder would place a script named "ls" in the current
> directory...
>

..and?

--
Posted via http://www.ruby-....

Choi, Junegunn

2/18/2009 7:44:00 AM

And, you may end up executing the possibly malicious script instead of
the original ls when you carelessly type 'ls'. Regarding the she-bang
line, I prefer to write '#!/usr/bin/env ruby' rather than to hard-code
the path of a ruby executable.

2009/2/18 7stud -- <bbxx789_05ss@yahoo.com>:
> Bertram Scharpf wrote:
>>
>> This is a security feature of your OS/distribution and not about
>> Ruby.
>>
>> Suppose you say something like
>>
>> $ export PATH=.:"$PATH"
>>
>> and the intruder would place a script named "ls" in the current
>> directory...
>>
>
> ..and?
>
> --
> Posted via http://www.ruby-....
>
>

--
junegunn.

7stud --

2/18/2009 8:35:00 AM

Choi, Junegunn wrote:
> And, you may end up executing the possibly malicious script instead of
> the original ls when you carelessly type 'ls'.
>

So your not supposed to just type ls at a prompt?
--
Posted via http://www.ruby-....

Tim Becker

2/18/2009 8:42:00 AM

[Note: parts of this message were removed to make it a legal post.]

> So your not supposed to just type ls at a prompt?
>

You shouldn't have '.' (the current) directory in the PATH where the shell
looks for programs to execute, because someone could replace the "real"
program with one in the current directory.

To the original problem:

a.) either ruby is not in /usr/local/bin
-> use `#!/usr/bin/env ruby` instead

b.) '.' is not in the PATH
-> don't change PATH, call your script using `./ruby_test`

c.) you're script is not executable
-> call `chmod +x ruby_test`

or any combination of the above.

-tim

Tim Greer

2/18/2009 6:54:00 PM

7stud -- wrote:

> Choi, Junegunn wrote:
>> And, you may end up executing the possibly malicious script instead
>> of the original ls when you carelessly type 'ls'.
>>
>
> So your not supposed to just type ls at a prompt?

He was saying that without this protection you might not want to. In
usual cases you do, because this protection exists. It's one of
several reasons why you need to set the path, set an alias or type in
the full path, if it's not a system command. It's a good thing.
--
Tim Greer, CEO/Founder/CTO, BurlyHost.com, Inc.
Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers
and Custom Hosting. 24/7 support, 30 day guarantee, secure servers.
Industry's most experienced staff! -- Web Hosting With Muscle!

comp.lang.ruby

bang is not work!!

Kyung won Cheon

Joel VanderWerf

Tim Greer

Bertram Scharpf

7stud --

Choi, Junegunn

7stud --

Tim Becker

Tim Greer

x Login to ForumsZone