diff options
Diffstat (limited to 'iurt_root_command')
| -rwxr-xr-x | iurt_root_command | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/iurt_root_command b/iurt_root_command index 361e01d..d106eba 100755 --- a/iurt_root_command +++ b/iurt_root_command @@ -153,7 +153,7 @@ sub mkdir { my ($_run, $opt, @dir) = @_; foreach my $path (@dir) { -d $path and next; - if ($path =~ m,/dev|/proc|/var, && $path !~ /chroot|unionfs/) { + if ($path =~ m,/dev|/proc|/root|/var, && $path !~ /chroot|unionfs/) { plog('FAIL', "ERROR: $path creation forbidden"); } if ($opt->{parents}) { @@ -178,7 +178,7 @@ sub rm { my ($_run, $opt, @files) = @_; my $ok = 1; my $done; - my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)"; + my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)"; foreach my $f (@files) { if (-d $f) { @@ -232,7 +232,7 @@ sub cp { my $ok = 1; my $done; my $dest = pop @files; - my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)"; + my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)"; if ($dest =~ /$unauthorized/ || $dest eq '/') { plog('FAIL', "copying to $dest forbidden"); return; @@ -275,7 +275,7 @@ sub cp { sub ln { my ($_run, $_opt, $file1, $file2) = @_; - my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)"; + my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)"; if ($file2 =~ /$unauthorized/ || $file2 eq '/') { plog('FAIL', "linking to $file2 forbidden"); return; |