ecute. This can contain any command he chooses -- benign or malevolent. Do not execute code from people you don't trust
不要执行你不信任的人提供的shell脚本, 里面可能含有危险的命令和脚本, 不要随意解压别人提供的压缩包, 也许看起来很小, 结果解压出来会塞满整个硬盘.
代码:
wget http://some_place/some_file
sh ./some_file
代码:
wget http://some_place/some_file -O- | sh
Compiling code: Someone gives you source code then tells you to compile it. It is easy to hide malicious code as a part of a large wad of source code, and source code gives the attacker a lot more creativity for disguising mal页码:[1] [2] [3] [4] [5] [6] [7] [8] [9] 第4页、共9页 |
