With: Code: cat hosts.txt | grep -v ^# | cut -d "#" -f 1 | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts evil.com and now im.malicious.com from previous example still got through. But with: Code: cat hosts.txt | grep -v "#" | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts it works. Since #-char has no purpose (except in malicious intent here), you can grep the lines with them all away.
cat hosts.txt | grep -v ^# | cut -d "#" -f 1 | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts
cat hosts.txt | grep -v "#" | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts