uaa1006@dircon.co.uk (Peter Miles) (05/28/91)
Has anyone done any work on keeping users within a certain directory
tree?
I'm writing a "mini shell" which will only allow users a limited
number of commands. I'm intending adding a 'cd' (change directory)
command which will only allow users to move to directories below
their HOME dir. I do this currently by looking at the string
entered by the user, checking and rejecting any relative movements
(../. etc). Then I strcat the user's string onto the end of
their home directory string. However, I'd like to be able to
allow relative movements.
Is there any function available which, when given a string such
as "../../etc" or whatever, can resolve this into the
absolute path which I can then compare with the HOME dir and
accept or reject?
I will also use this in various programs such as editors to
prevent users from reading in files from outside their HOME
directory tree.
The Boss basically wants to stop people from being able to access
files in each others directories, and not have to rely on people
using chown/chmod correctly.
I know about chroot, but the problem with that is I want users
to be able to run certain programs which require access to /etc,
/dev etc. The system I'm using doesn't support symbolic links.
Please reply by mail and I'll summarize if there's interest.
-- Pete
--
Pete Miles uaa1006@dircon.co.uk
...ukc!dircon!uaa1006martin@mwtech.UUCP (Martin Weitzel) (05/29/91)
In article <1991May28.124051.23538@dircon.co.uk> uaa1006@dircon.co.uk (Peter Miles) writes: > >Is there any function available which, when given a string such >as "../../etc" or whatever, can resolve this into the >absolute path which I can then compare with the HOME dir and >accept or reject? If I don't miss anything important, you should be able to obtain the desired information as follows: ---------------------------------------------------------------------- FILE *fp = popen("IFS='\t ';PATH='/bin:/usr/bin'; cd xxx && pwd", "r"); /* ^^^ * Make the target directory appear here ------------^^^; * check for embedded funny characters that may change the shell's * parsing of this line. (To play safe, only allow alpha-numeric * characters, underscore, and dot.) If the given directory doesn't * exist, you may further want to suppress error messages from the * shell by redirecting 2>/dev/null in the above command line. */ char buffer[200]; /* ^^^ * Set this ^^^ to whatever you think is appropriate. */ int err = 0; if (fp == (FILE *)0) err++; else { if (fgets(buffer, sizeof buffer, fp) == (char *)0) err++; else { int n = strlen(buffer); if (n == 0 || buffer[n-1] != '\n') err++; else buffer[n-1] = '\0'; } if (pclose(fp) != 0) err++; } if (err) { /* * Destination directory doesn't exist or user tries to trick * you out with non-readable intermediate path components. */ } else { /* * Absolute path to destination directory is now in buffer. */ } ---------------------------------------------------------------------- I've three times checked the above and hope there are no silly typos. -- Martin Weitzel, email: martin@mwtech.UUCP, voice: 49-(0)6151-6 56 83