diff --git a/Cargo.toml b/Cargo.toml index 424ced5..f735683 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -2,7 +2,7 @@ workspace = { members = [ "runner" ] } [package] name = "binhost" -version = "0.3.0" +version = "0.3.1" edition = "2021" license = "MIT" repository = "https://github.com/ivabus/binhost" diff --git a/README.md b/README.md index 8d39969..af5aaa7 100644 --- a/README.md +++ b/README.md @@ -53,17 +53,19 @@ runners Manifest validity check provides a fully-secured binary distribution chain. ```shell -curl ADDRESS:PORT/ | KEY=... bash +curl ADDRESS:PORT/ | KEY=... sh ``` `KEY` first few symbols from hex representation of SHA256 sum of manifest (printed to stdout on `binhost` startup). +Additional arguments are set with `ARGS` environment variable + Only this option should be considered as secure. ### Execute specific binary without validity check ```shell -curl ADDRESS:PORT/ | bash +curl ADDRESS:PORT/ | sh ``` ### Download and reuse script diff --git a/web.sh b/web.sh index 4d370a5..fc4949e 100644 --- a/web.sh +++ b/web.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/sh # SPDX-License-Identifier: MIT set -e @@ -96,7 +96,7 @@ fi chmod +x "$FILE" -$FILE < /dev/tty +$FILE $ARGS < /dev/tty cd