In the message dated: Wed, 22 Feb 2006 17:17:21 EST, The pithy ruminations from Dan Pritts on <Re: [BackupPC-users] escaping command line options> were: => You might look into SELinux capabilities if you're running Linux. => => Solaris 10 has some similar features: => http://www.sun.com/bigadmin/xperts/sessions/16_prm/ => => more as an answer to your question, try implementing this thing => in perl. It's better suited to the kind of string processing you're => doing. => => Maybe this: => => #!/usr/bin/perl -w => => $cmd=$ENV{'SSH_ORIGINAL_COMMAND'} => => if ( $cmd =~ /[*|?{~\(\[\$\`]/ ) { => die "error, unallowed character in command string\n"
It may be better to specify the list of allowed characters, rather than the reverse. Try: if ( $cmd !~ /^[\w\d\.-]+$/ ) { to allow just letters, numbers, underscore (part of \w), dash, and period. => } => => if ( $cmd =~ /^\/usr\/bin\/rsync --server/ ) { => # for more security, split this into an array and exec => # the array, that will prevent it from being run by a subshell => exec "$cmd"; => } => => die "error, command didn\'t start /usr/bin/rsync --server"; In thinking about this more, I'd like to get a clearer idea of the goal of the script. If I understand it correctly, the intent is to allow untrusted users to initiate backups of subsets of a client machine on which they have an account. If this is correct, then here's an alternative proposal.... Have the wrapper script simply be something like: #! /bin/sh /usr/bin/rsync --server --port 10873 $* (Obviously, the corresponding backup process on the BackupPC server will need to include the same port specification.) However, the ssh connection, and the script, will be run as the untrusted user, not as root. In this case, the user will only be able to backup files that they'd otherwise have permission to read from the shell. The question of allowing users to restore only their own files, without the ability to access files that they couldn't read from the shell, is another problem... Mark => => This probably has syntax errors and i've probably missed some => metacharacter that you should exclude. => => danno => ---- Mark Bergman [EMAIL PROTECTED] Seeking a Unix/Linux sysadmin position local to Philadelphia or via telecommuting http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=bergman%40merctech.com ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/