Checking change of directory
Peter Miles
uaa1006 at dircon.co.uk
Tue May 28 22:40:51 AEST 1991
Has anyone done any work on keeping users within a certain directory
tree?
I'm writing a "mini shell" which will only allow users a limited
number of commands. I'm intending adding a 'cd' (change directory)
command which will only allow users to move to directories below
their HOME dir. I do this currently by looking at the string
entered by the user, checking and rejecting any relative movements
(../. etc). Then I strcat the user's string onto the end of
their home directory string. However, I'd like to be able to
allow relative movements.
Is there any function available which, when given a string such
as "../../etc" or whatever, can resolve this into the
absolute path which I can then compare with the HOME dir and
accept or reject?
I will also use this in various programs such as editors to
prevent users from reading in files from outside their HOME
directory tree.
The Boss basically wants to stop people from being able to access
files in each others directories, and not have to rely on people
using chown/chmod correctly.
I know about chroot, but the problem with that is I want users
to be able to run certain programs which require access to /etc,
/dev etc. The system I'm using doesn't support symbolic links.
Please reply by mail and I'll summarize if there's interest.
-- Pete
--
Pete Miles uaa1006 at dircon.co.uk
...ukc!dircon!uaa1006
More information about the Comp.unix.programmer
mailing list