Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!mcsun!ukc!slxsys!dircon!uaa1006
From: uaa1006@dircon.co.uk (Peter Miles)
Newsgroups: comp.unix.programmer
Subject: Checking change of directory
Message-ID: <1991May28.124051.23538@dircon.co.uk>
Date: 28 May 91 12:40:51 GMT
Organization: The Direct Connection, UK
Lines: 36


Has anyone done any work on keeping users within a certain directory 
tree?

I'm writing a "mini shell" which will only allow users a limited 
number of commands. I'm intending adding a 'cd' (change directory)
command which will only allow users to move to directories below 
their HOME dir. I do this currently by looking at the string
entered by the user, checking and rejecting any relative movements
(../. etc). Then I strcat the user's string onto the end of 
their home directory string. However, I'd like to be able to 
allow relative movements.

Is there any function available which, when given a string such 
as "../../etc" or whatever, can resolve this into the 
absolute path which I can then compare with the HOME dir and 
accept or reject?

I will also use this in various programs such as editors to
prevent users from reading in files from outside their HOME
directory tree. 

The Boss basically wants to stop people from being able to access 
files in each others directories, and not have to rely on people 
using chown/chmod correctly.

I know about chroot, but the problem with that is I want users 
to be able to run certain programs which require access to /etc, 
/dev etc. The system I'm using doesn't support symbolic links.

Please reply by mail and I'll summarize if there's interest.

                        -- Pete
-- 
Pete Miles			uaa1006@dircon.co.uk
				...ukc!dircon!uaa1006