Y
Hacker News
new
|
ask
|
show
|
jobs
by
Wingy
778 days ago
curl should probably scream when it detects piping unencrypted wan (not local ips) connections to shell, sort of like what openssh does when a host’s fingerprint changes
2 comments
mr_mitm
778 days ago
How could curl detect where it's piped to?
link
take-five
778 days ago
Something like (in Python)
os.isatty(sys.stdout.fileno())
link
Zambyte
778 days ago
That doesn't say where it's piped though. It could be redirected to a file, or piped to something harmless like jq.
link
timando
778 days ago
Iterate through /proc/<pid>/fd and check for the pipe id in the symlink target.
link
adamomada
778 days ago
The shell would have to give the warning
link