Search This Blog

Wednesday, November 21, 2018

The danger of curl to get binary file

curl url-of-binary could damage your system, it is better you only run it inside a container.
In my Dev system, I can sudo without password, after I run
curl url-of-a-jpg-file, my dev system's systemd-localed service has been stopped.
I have to restart it with

sudo systemctl start systemd-localed

If you feel boring and want some challenge, you can set up sudo without password and then randomly curl some binary files. After that you can try to fix your system.

Fefora is smart, there is warning from Fedora:

Warning: Binary output can mess up your terminal. Use "--output -" to tell 
Warning: curl to output it to your terminal anyway, or consider "--output 
Warning: <FILE>" to save to a file.


Understanding Linux Audit Log Files can help you.