[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: not wanting to delete somebody's home directory



On 7/5/2019 6:31 PM, songbird wrote:
> mick crane wrote:
>> hello,
>> I doing some code in perl and I'm not very good at it.
>> code makes some images and saves them to a directory.
>> If the directory doesn't exist it gets made and if it does exist all the
>> files in it get deleted before putting some new ones in.
>> I'm thinking that if I ever give it to somebody it's possible they might
>> call the directory
>> "~/" or something and end up deleting all their files, which I'd like to
>> avoid.
>> How would that best be avoided ?
>> Is that something to do with chroot which I don't know anything about.
>

Answering here to the OP and assuming that the directory path is passed
to the script as argument:

~/ is a shortcut for ${HOME} which is the user home directory.

So ${HOME} will expand to '/home/user', you can simply check for that in
your script.
In a shell script I would do something like:

Take 1:

[ $1 = ${HOME} ] || { echo "   Directory (${1}) not allowed." >&2; exit 1; }
Take 2 (pick one of the two if lines):

if [ $1 != /home/$(id -u) ]; then
if [ $1 != /home/$USER ]; then
    echo "   Directory (${1}) not allowed." >&2
    exit 1
fi


The idea here is to eider only allow a specific directory to work in or
to deny access to some specific directories.
The former is easier to implement.

While you could execute your script in a chroot, not everyone will be
able to use a chroot.

--
John Doe


Reply to: