From: martin f. krafft Date: Wed, 12 Mar 2008 19:08:44 +0000 (+0100) Subject: add a readme X-Git-Tag: 0.3.1 X-Git-Url: https://git.madduck.net/code/molly-guard.git/commitdiff_plain/3ff2e8c0cde55785ef76980318b87d738082d4b8 add a readme --- diff --git a/README b/README new file mode 100644 index 0000000..529dcda --- /dev/null +++ b/README @@ -0,0 +1,34 @@ +molly-guard +=========== + +molly-guard attempts to prevent you from accidentally shutting down or +rebooting remote machines. It does this by injecting a couple of checks before +the existing commands: halt, reboot, shutdown, and poweroff. + +It does this by putting scripts with the same names into /usr/sbin, so it only +works if you have /usr/sbin before /sbin in your $PATH! + +The checks are: + + - test whether the current pty has been created by sshd + - test whether a variable $SSH_CONNECTION exists + +If any of these tests are successful, molly-guard asks you to type the +machine's hostname, which should be sufficient to prevent you from doing +something by accident. + +The following situations are still UNGUARDED. If you can think of ways to +protect against those, please let me know! + + - running sudo within screen or screen within sudo; sudo eats the + $SSH_CONNECTION variable, and screen creates a new pty. + + - executing those command in a remote terminal window, that is a XTerm + started on a remote machine but displaying on the local X server. + +You have been warned. You can use the --molly-guard-do-nothing switch to +prevent anything from happening, e.g. + + halt --molly-guard-do-nothing + + -- martin f. krafft Wed, 12 Mar 2008 20:02:14 +0100