On 7/5/2019 6:31 PM, songbird wrote:
> mick crane wrote:
>> hello,
>> I doing some code in perl and I'm not very good at it.
>> code makes some images and saves them to a directory.
>> If the directory doesn't exist it gets made and if it does exist all the
>> files in it get deleted before putting some new ones in.
>> I'm thinking that if I ever give it to somebody it's possible they might
>> call the directory
>> "~/" or something and end up deleting all their files, which I'd like to
>> avoid.
>> How would that best be avoided ?
>> Is that something to do with chroot which I don't know anything about.
>
Answering here to the OP and assuming that the directory path is passed
to the script as argument:
~/ is a shortcut for ${HOME} which is the user home directory.
So ${HOME} will expand to '/home/user', you can simply check for that in
your script.
In a shell script I would do something like:
Take 1:
[ $1 = ${HOME} ] || { echo " Directory (${1}) not allowed." >&2; exit 1; }
Take 2 (pick one of the two if lines):
if [ $1 != /home/$(id -u) ]; then
if [ $1 != /home/$USER ]; then
echo " Directory (${1}) not allowed." >&2
exit 1
fi
The idea here is to eider only allow a specific directory to work in or
to deny access to some specific directories.
The former is easier to implement.
While you could execute your script in a chroot, not everyone will be
able to use a chroot.
--
John Doe
