aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xiurt_root_command19
1 files changed, 5 insertions, 14 deletions
diff --git a/iurt_root_command b/iurt_root_command
index 7abd842..3104062 100755
--- a/iurt_root_command
+++ b/iurt_root_command
@@ -243,7 +243,6 @@ sub rm {
my ($_run, $opt, @files) = @_;
my $ok = 1;
my $done;
- my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
foreach my $f (@files) {
if (-d $f) {
@@ -251,7 +250,7 @@ sub rm {
plog('WARN', "can't remove directories without the -r option");
$ok = 0;
} else {
- if ($f =~ m,$unauthorized,) {
+ if (!check_path_authorized($f)) {
plog('FAIL', "removal of $f forbidden");
$ok = 0;
} else {
@@ -261,7 +260,7 @@ sub rm {
}
}
} else {
- if ($f =~ m,/$unauthorized,) {
+ if (!check_path_authorized($f)) {
plog("removal of $f forbidden");
$ok = 0;
} else {
@@ -271,7 +270,7 @@ sub rm {
if ($f =~ /[*?]/) {
foreach my $file (glob $f) {
- if ($f =~ m,$unauthorized,) {
+ if (!check_path_authorized($f)) {
plog('FAIL', "removal of $f forbidden");
$ok = 0;
} else {
@@ -297,11 +296,7 @@ sub cp {
my $ok = 1;
my $done;
my $dest = pop @files;
- my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
- if ($dest =~ /$unauthorized/ || $dest eq '/') {
- plog('FAIL', "copying to $dest forbidden");
- return;
- }
+ check_path_authorized($dest) or return;
foreach my $f (@files) {
if (-d $f) {
if (!$opt->{recursive}) {
@@ -340,11 +335,7 @@ sub cp {
sub ln {
my ($_run, $_opt, $file1, $file2) = @_;
- my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
- if ($file2 =~ /$unauthorized/ || $file2 eq '/') {
- plog('FAIL', "linking to $file2 forbidden");
- return;
- }
+ check_path_authorized($file1) && check_path_authorized($file2) or return;
link $file1, $file2;
}