0

I have a script that stores the output of commands, functions, and other scripts in a log file.

I want to avoid capturing user input.

The line that is in charge of storing the output of the commands to a logfile is this one:

$command 2>&1 | tee /dev/tty | ruby -pe 'print Time.now.strftime("[%s] ") if !$stdin.tty?' >> "$tempfile"

If the command is a function or a script that asks for user input and prints out those data, that input is stored in temporary file. I would like to avoid that since I don't want to capture sensible data.

I can't modify the commands, functions that I'm wrapping.

Improve this question
3
  • That doesn't do anything to capture what a user inputs to the script. Now, if something inside the script prints the input back out, then it does go to the log file, of course. Try e.g. bash -c 'echo "say something: "; read -u0 var; echo "you said: $var"; ' | tee /dev/tty >> tempfile and see what you get like that, or if you remove the echo you said... To pick the sensitive inputs out of the log, you'd to have some way to recognize them from among everything else. And that sounds impossible to do in general. Commented Feb 11, 2021 at 20:54
  • As is, your command stores only program output. The problem is that the command has chosen to emit keys typed as part of its own output. Commands that do not do this will not have this problem (compare command='read foo' vs command='read -e foo': only the latter will log input). There's not really a lot you can do since it's the command itself that merges user input into its own output. Commented Feb 11, 2021 at 20:54
  • I edited the question claiming that I'm intercepting input that is printed out. I'm not saying the command is perfect I'm just looking for an alternative solution that does the same except intercepting those chars printout by the stdin. Commented Feb 11, 2021 at 20:56

1 Answer 1

Reset to default
1

Your command only saves program output, not user input. The problem you're seeing is that the command has chosen to output whatever the user inputs, merging it into its own output that is then obviously logged.

There is no good way around this. Please fix your command.

Anyways. Here's a bad, fragile, hacky way around it:

tempfile=test.txt
command='read -ep Enter_some_input: '

$command 2>&1 | 
  tee /dev/tty | 
  python3 -c $'import os\nwhile s:=os.read(0, 1024):\n if len(s) > 3: os.write(1, s)' |
  ruby -pe 'print Time.now.strftime("[%s] ") if !$stdin.tty?' >> "$tempfile"

The Python command drops all reads of 3 bytes or less. This aims to remove character by character echo as would happen in the most basic cases of a user typing into readline and similar, while hopefully not removing too much intentional output.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Yeah, it makes sense. There is no way that is not fragile.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.