-
Notifications
You must be signed in to change notification settings - Fork 0
03_secure_script_execution_layer_.md
In Chapter 2: Graphical User Interface (GUI) Frames, we learned how friendly windows let you tell shellnetbuilder what network tasks to perform. You click buttons and type in information. But what happens after you click "Save" or "Apply"? How does the application actually make those changes to your system?
Imagine you have a set of very important, secret blueprints for building complex structures. You wouldn't leave them lying around where anyone could see or change them, right? You'd keep them locked away in a secure vault.
In shellnetbuilder, the Secure Script Execution Layer acts like that secure vault. It protects the vital instructions (our configuration scripts) that make changes to your network.
Network configuration scripts are powerful. They can change critical settings, start services, and modify how your computer connects to the internet. If these scripts were easily readable or editable by anyone, it could lead to:
- Accidental Damage: Someone might accidentally change a script, breaking your network.
- Malicious Tampering: Someone with bad intentions could modify a script to harm your system or steal information.
- Confidentiality Breach: The scripts might contain sensitive details about your network setup that you don't want exposed.
The Secure Script Execution Layer solves these problems by ensuring that the sensitive logic within the shell scripts is kept confidential (hidden from unauthorized viewing) and protected from unauthorized changes when not actively in use.
Let's continue with our example of setting up an NFS Client:
Use Case: Securely Setting up an NFS Client
- In Chapter 2, you clicked "Save" in the NFS Client Setup Frame.
- This action needs to run a special script,
nfs-client.sh, to do the actual configuration. - Instead of just running a visible script, the Secure Script Execution Layer steps in.
- It first decrypts the hidden version of
nfs-client.sh(which might be callednfs-client.sh.des) into a temporary, readable script. - It then executes this decrypted script.
- Immediately after, it deletes the temporarily decrypted script, ensuring it's not left exposed.
This way, the nfs-client.sh script (and all other critical scripts) are only visible and executable for the brief moment they are needed, keeping them safe most of the time.
The core idea of this layer is simple: Hide the scripts when they're not running, and only reveal them temporarily when needed.
Here's how it generally works:
| Component | What it Does |
|---|---|
| Encrypter | Takes a regular script and scrambles its content, turning it into a secret, unreadable file (like locking a blueprint in a vault). |
| Decrypter | Takes a scrambled script and unscrambles it, making it readable and executable again (like unlocking the vault to use the blueprint). |
Shell Scripts (encr.sh, decr.sh) |
Helper scripts that use the Encrypter and Decrypter to process many scripts at once. |
sequenceDiagram
participant Developer as Developer
participant Encrypter as Encrypter.java
participant GUIFrame as GUI Frame (e.g., nfsclient.java)
participant Decrypter as Decrypter.java
participant OS as Operating System
participant Script as Shell Script (e.g., nfs-client.sh)
Developer->>Encrypter: "Encrypt nfs-client.sh"
Encrypter->>Developer: Creates `nfs-client.sh.des` (encrypted)
Note over Encrypter: Stored securely in the application
GUIFrame->>Decrypter: "Decrypt nfs-client.sh.des"
Decrypter->>GUIFrame: Creates `nfs-client.sh` (temporary, decrypted)
GUIFrame->>OS: Execute `nfs-client.sh`
OS->>Script: Runs the configuration commands
Script-->>OS: Operation complete
GUIFrame->>OS: Delete `nfs-client.sh` (cleanup)
Explanation of the Flow:
-
At Setup Time: The
Developer(or an installation script) uses theEncrypter.javaprogram to take all the important shell scripts (likenfs-client.sh) and turn them into encrypted files (e.g.,nfs-client.sh.des). These encrypted files are then included with theshellnetbuilderapplication. -
When You Use the App: When you click a button in a Graphical User Interface (GUI) Frame, like "Save" for NFS Client, the
GUIFramefirst tellsDecrypter.javato unlock the specific script (nfs-client.sh.des). -
Temporary Decryption:
Decrypter.javacreates a temporary, readable version of the script (nfs-client.sh). -
Execution: The
GUIFramethen tells theOperating Systemto run this temporarynfs-client.shscript, performing the actual network configuration. -
Cleanup: As soon as the script has finished its job, the
GUIFrameimmediately tells theOperating Systemto delete the temporary decrypted script. This ensures the "secret blueprint" is safely locked away again.
The heart of this secure layer lies in two Java programs: Encrypter.java and Decrypter.java. They use a standard encryption technique called DES (Data Encryption Standard) with a shared secret key (a simple "password") to scramble and unscramble the script files.
This program takes an original script file and creates an encrypted version with a .des extension.
// File: Java Source Code/Encrypter.java (simplified)
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import javax.crypto.Cipher; // For encryption magic!
import javax.crypto.spec.SecretKeySpec; // To handle our secret key
public class Encrypter implements Runnable {
File inputFile, outputFile; // Our original and encrypted files
public Encrypter(File in, File outDir) {
inputFile = in;
// Output file will be original name + ".des"
outputFile = new File(outDir.getAbsolutePath() + "/" + inputFile.getName() + ".des");
}
public void run() {
encrypt(); // Start the encryption process
}
public void encrypt() {
try {
FileInputStream fis = new FileInputStream(inputFile);
FileOutputStream fos = new FileOutputStream(outputFile);
byte key[] = "abcdEFGH".getBytes(); // Our secret 'password' (8 characters)
SecretKeySpec secretKey = new SecretKeySpec(key, "DES");
Cipher encryptor = Cipher.getInstance("DES/ECB/PKCS5Padding");
encryptor.init(Cipher.ENCRYPT_MODE, secretKey); // Prepare for encryption
byte[] buffer = new byte[10240];
int bytesRead;
while ((bytesRead = fis.read(buffer)) != -1) {
byte[] output = encryptor.update(buffer, 0, bytesRead);
if (output != null) fos.write(output);
}
byte[] finalOutput = encryptor.doFinal(); // Finish encryption
if (finalOutput != null) fos.write(finalOutput);
fis.close();
fos.close();
} catch (Exception e) {
// Handle errors
}
}
public static void main(String[] args) {
// When you run `java Encrypter original_script.sh .`
// args[0] is "original_script.sh", args[1] is "." (current directory)
new Thread(new Encrypter(new File(args[0]), new File(args[1]))).start();
}
}What this code does:
- The
Encryptertakes two pieces of information: the script file to encrypt (inputFile) and the directory where the encrypted version should be saved (outputFile). - The most important part is the
byte key[] = "abcdEFGH".getBytes();. This is the secret password used to scramble the script. Without this exact password, no one can easily unscramble the script. -
Cipher.getInstance("DES/ECB/PKCS5Padding")tells Java to use the DES encryption algorithm. - The
encryptor.init(Cipher.ENCRYPT_MODE, secretKey)prepares the cipher to encrypt using our secret key. - It then reads the script file piece by piece, encrypts each part using
encryptor.update(), and writes the scrambled data to a new file with.desadded to its name.
This program does the opposite: it takes an encrypted .des file and turns it back into a readable script file.
// File: Java Source Code/Decrypter.java (simplified)
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import javax.crypto.Cipher; // For decryption magic!
import javax.crypto.spec.SecretKeySpec; // To handle our secret key
public class Decrypter implements Runnable {
File inputFile, outputFile; // Our encrypted and decrypted files
public Decrypter(File in, File outDir) {
inputFile = in;
// Output file name is original name (without .des)
String fileNameWithoutDes = inputFile.getName().substring(0, inputFile.getName().length() - 4);
outputFile = new File(outDir.getAbsolutePath() + "/" + fileNameWithoutDes);
}
public void run() {
decrypt(); // Start the decryption process
}
public void decrypt() {
try {
FileInputStream fis = new FileInputStream(inputFile);
FileOutputStream fos = new FileOutputStream(outputFile);
byte key[] = "abcdEFGH".getBytes(); // The SAME secret 'password' as the Encrypter!
SecretKeySpec secretKey = new SecretKeySpec(key, "DES");
Cipher decryptor = Cipher.getInstance("DES/ECB/PKCS5Padding");
decryptor.init(Cipher.DECRYPT_MODE, secretKey); // Prepare for decryption
byte[] buffer = new byte[10240];
int bytesRead;
while ((bytesRead = fis.read(buffer)) != -1) {
byte[] output = decryptor.update(buffer, 0, bytesRead);
if (output != null) fos.write(output);
}
byte[] finalOutput = decryptor.doFinal(); // Finish decryption
if (finalOutput != null) fos.write(finalOutput);
fis.close();
fos.close();
} catch (Exception e) {
// Handle errors
}
}
public static void main(String[] args) {
// When you run `java Decrypter encrypted_script.sh.des .`
new Thread(new Decrypter(new File(args[0]), new File(args[1]))).start();
}
}What this code does:
- The
Decrypteris very similar to theEncrypter, but it works in reverse. It takes an encrypted file (.des) and a directory. - It uses the exact same secret password (
"abcdEFGH") to prepare theCipherfor decryption usingdecryptor.init(Cipher.DECRYPT_MODE, secretKey). - It reads the encrypted file, unscrambles it piece by piece, and writes the readable content to a new file, removing the
.desextension.
To make it easy to encrypt or decrypt many scripts at once, shellnetbuilder uses simple shell scripts that loop through all the relevant files.
The encr.sh script (for initial setup):
# File: lockfls/encr.sh (simplified)
p=`pwd` # 'p' will store the current directory
java Encrypter dhcp.sh $p # Encrypt dhcp.sh, output to current directory
java Encrypter dhcps.sh $p # Encrypt dhcps.sh
java Encrypter dnsupdatedhcp.sh $p # And so on...
# ... many more java Encrypter commands ...
rm -f dhcp.sh dns.sh http.sh # Delete the original (unencrypted) scripts
# ... many more rm -f commands ...What this script does: This script is typically run once during the application's setup. It systematically calls Encrypter.java for each shell script that needs to be protected. After encryption, it removes the original, unencrypted shell scripts, leaving only their encrypted .des versions behind.
The decr.sh script (used during execution, or for debugging):
# File: lockfls/decr.sh (simplified)
p=`pwd` # 'p' will store the current directory
java Decrypter dhcp.sh.des $p # Decrypt dhcp.sh.des
java Decrypter dhcps.sh.des $p # Decrypt dhcps.sh.des
java Decrypter dnsupdatedhcp.sh.des $p # And so on...
# ... many more java Decrypter commands ...
rm -f dhcp.sh.des dns.sh.des http.sh.des # Delete the encrypted .des files
# ... many more rm -f commands ...What this script does: This script is similar to encr.sh but calls Decrypter.java for each encrypted script. While it can be used for batch decryption, in shellnetbuilder's normal operation, the GUI frames call Decrypter.java for individual scripts as needed, followed by immediate cleanup. The rm -f commands here are for a full cleanup scenario, but in runtime, only the temporarily decrypted script is removed.
Let's revisit a snippet from mainwindow.java (Chapter 1) or nfsclient.java (Chapter 2) to see this layer in action:
// From mainwindow.java or nfsclient.java (simplified action listener)
// ... inside a button's actionPerformed method ...
final String dir = System.getProperty("user.dir"); // Get current directory
// 1. Decrypt the script
String unixCommand = "java Decrypter dhcp.sh.des " + dir;
runShellScript(unixCommand); // This runs Decrypter.java
// Now, dhcp.sh is temporarily available in 'dir'
// 2. Execute the decrypted script
unixCommand = "bash dhcp.sh"; // Or specific script for NFS: "bash nfs-client.sh ..."
runShellScript(unixCommand); // This runs the actual configuration commands
// 3. Clean up (delete the decrypted script)
unixCommand = "rm -f dhcp.sh";
runShellScript(unixCommand);
// 4. Launch the GUI frame for user interaction
new dhcpframe().setVisible(true); // Or display status
// ...What this code does:
- When a button is clicked, the application first constructs a command to run
Decrypter.java, targeting the specific encrypted script (e.g.,dhcp.sh.des). TherunShellScripthelper method then executes this command. This creates a temporary, readabledhcp.shfile. - Next, it constructs another command to execute the newly decrypted script (
bash dhcp.sh). This is where the real network configuration happens. - Immediately after the configuration script runs, a command is issued (
rm -f dhcp.sh) to delete the temporary, decrypted script. This is crucial for security. - Finally, the appropriate GUI frame is shown or a status message is displayed to the user.
In this chapter, we explored the Secure Script Execution Layer, a critical part of shellnetbuilder that acts as a protective vault for our sensitive network configuration instructions. We learned:
- Why security is essential for powerful scripts (preventing accidental changes, malicious tampering, and information leaks).
- How
Encrypter.javahides scripts by scrambling their content. - How
Decrypter.javatemporarily reveals them using the same secret key when they're needed. - The lifecycle of a script: encrypted at rest, briefly decrypted for execution, and then immediately removed.
This layer ensures that shellnetbuilder not only makes network configuration easy but also keeps the underlying operations safe and confidential.
Now that we understand how scripts are securely managed and executed, the next step is to dive into the content of these powerful scripts themselves. What commands do they contain? How do they actually configure network services?
Let's move on to the next chapter, where we will explore the details of these Network Service Configuration Modules.
Chapter 4: Network Service Configuration Modules