add /root in unauthorized paths (import from cluster files, from warly/mrl/claudio ?)

1 files changed, 4 insertions, 4 deletions

diff --git a/iurt_root_command b/iurt_root_command
index 361e01d..d106eba 100755
--- a/iurt_root_command
+++ b/iurt_root_command
@@ -153,7 +153,7 @@ sub mkdir {
     my ($_run, $opt, @dir) = @_;
     foreach my $path (@dir) {
 	-d $path and next;
-	if ($path =~ m,/dev|/proc|/var, && $path !~ /chroot|unionfs/) {
+	if ($path =~ m,/dev|/proc|/root|/var, && $path !~ /chroot|unionfs/) {
 	    plog('FAIL', "ERROR: $path creation forbidden");
 	}
 	if ($opt->{parents}) {
@@ -178,7 +178,7 @@ sub rm {
     my ($_run, $opt, @files) = @_;
     my $ok = 1;
     my $done;
-    my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)";
+    my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
 
     foreach my $f (@files) {
 	if (-d $f) {
@@ -232,7 +232,7 @@ sub cp {
     my $ok = 1;
     my $done;
     my $dest = pop @files;
-    my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)";
+    my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
     if ($dest =~ /$unauthorized/ || $dest eq '/') {
 	plog('FAIL', "copying to $dest forbidden");
 	return;
@@ -275,7 +275,7 @@ sub cp {
 
 sub ln {
     my ($_run, $_opt, $file1, $file2) = @_;
-    my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)";
+    my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
     if ($file2 =~ /$unauthorized/ || $file2 eq '/') {
 	plog('FAIL', "linking to $file2 forbidden");
 	return;