Capturing and replaying console/terminal sessions with script and scriptreplay

Have you ever wondered how you can easily capture a console session on Linux (and probably most other Unix-like OSes) without the need for special video recording software?

Here's how: you can use the script(1) command (part of the bsdutils package).

  • Start the script command. Without parameters the sessions will be logged to a file called typescript. You can also supply a filename on the command line: script mysession.log.
  • Type whatever you want to record...
  • End the recording session with exit or CTRL-d.
  • You can now view the file with less -r mysession.log (it contains line feeds, escape sequences etc., so a simple text viewer will probably display garbage). You can even print it with lpr(1). Or simply display it on the terminal with cat mysession.log.

An even cooler feature is that you can replay a script with the correct timing information:

  • First you have to also record the timing information using the -t switch: script -t 2>mysession.timing mysession.log.
  • You can then replay the script: scriptreplay mysession.timing mysession.log.

See the script(1) and scriptreplay(1) manpages for more details.

Apple Safari executes arbitrary shell scripts without asking you for permission

It seems Apple is having more and more severe problems lately, MacOS viruses and worms start popping up and spreading on a larger scale... Michael Lehn has now discovered that Apple Safari can be tricked into automatically downloading and executing arbitrary shell scripts.

No need to mention what harm this can cause, especially if you are stupid enough to browse the web as root (or whatever Apple calls their superuser).

The behaviour to automatically open downloaded "trusted" files in a respective application is the default in Safari, which is obviously not the brightest idea Apple ever had. This is not an Apple-only problem, though. I really wonder why so many people, be it developers or users, are willing to sacrifice security for some crappy "feature"...

(via Digg)

Syndicate content