prabodhprakash prabodhprakash - 9 days ago 8
Bash Question

Communicating between shell script and C

I've a shell script file which randomly generates a location and copy some files to this randomly generated location.

I also have a different C code that needs to access this randomly generated location to access the copied files.

However, both shell script and C code work independently (in order of shell script and C code). The C code is called by a third application, so it is impossible to pass the location data to C.

How can I securely save this "randomly generated location" data somewhere that C code can access.

I am running these scripts on Mac and would prefer a solution that helps keep these data into memory or does not make file at a common location (like /tmp, /var/tmp etc)

Answer

There are various ways to share the information. Personally I don't find saving to a file to be a problem, since you can use the filesystem's access control to limit access, and/or encrypt the file.

However, specifically on macOS there are some other ways, such as User Defaults (accessible from command-line with defaults), and Keychain (accessible from command-line with security).

Saving to user defaults is effectively saving to a file (accessible by that user), so for security (other than through obscurity) you would still need to encrypt the data. Meanwhile Keychain is built for storing things securely, but setting up access to it is more difficult (and you may inadvertently grant your shell interpreter permanent access).

Still, it may be worthwhile to try something like:

security add-generic-password -a myUserName -s myService -w '/foo/bar/baz'

security find-generic-password -g -a myUserName -s myService
Comments