
I am writing a POSIX-compliant shell script that will, amongst other things, clone a git repository and then execute a script (that was cloned along with the repository) inside the repository.

For example:

```sh
git clone git@github.com:torvalds/linux.git
cd linux
./Kconfig
```

The idea would be that people would use it for good, not evil, but you know.... So really I would like to stop people from putting a line like:

```sh
rm -rf /
```

inside the script. Or perhaps something slightly less evil like:

```sh
rm -rf ../../
```

Is it possible for me to somehow change the permissions of the script (after the clone) so that it is only able to modify things inside the cloned repository?

supercrabtree
  • well `rm -rf /` really depends on the permissions of the user running that command, usually a user would not be able to remove / and the underlying directories – Adel Ahmed Feb 13 '16 at 11:33
  • A docker container perhaps? – Dima Chubarov Feb 13 '16 at 11:39
  • You could setup a chroot environment using [schroot](http://linux.die.net/man/1/schroot). That way, `rm -rf /` wouldn't delete the root of the file system but the root of the chroot jail. – kba Feb 13 '16 at 11:42

1 Answer


Basically the answer to your question is the chroot command, which allows you to lock processes in a directory as if it were the root directory. chroot requires root privileges to set up, but there are alternative implementations such as schroot, fakechroot, or proot that don't. Because all file system access (including reads) is restricted, you will need to hand in anything that the scripts need to function into the chrooted environment. How to do that conveniently depends on your distribution.

That doesn't necessarily mean it is perfectly secure, because it provides only file system isolation.

Zulan
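As an added example (not code from the question or the answer), a POSIX sh wrapper that does the clone-and-run from the question under proot, one of the unprivileged chroot alternatives the answer names. It assumes proot and git are installed and that the cloned script needs only /bin/sh plus the host's /bin, /lib, /lib64 and /usr; the function names are the example's own.

```sh
#!/bin/sh
# Added example, not code from the original question or answer.
# Runs a script from a cloned repository with the clone as the process's
# root directory, using proot (unprivileged chroot-like tool). Assumed:
# proot and git are installed; the script needs only /bin/sh and the host
# libraries under /lib, /lib64 and /usr. Function names are the example's own.

# Run "$2" (a path relative to the jail root) with "$1" as the root dir.
# With CONFINE_DRY_RUN set, print the command line instead of executing it.
confine_run() {
  repo=$1 script=$2
  [ -d "$repo" ] || { echo "not a directory: $repo" >&2; return 2; }
  # -r : the repository becomes "/" for the script, so "rm -rf /" and
  #      "rm -rf ../../" both resolve to the repository, not the host root.
  # -w : start in the jail root.
  set -- proot -r "$repo" -w /
  # -b : bind the host directories the interpreter needs. proot binds are
  #      not read-only; only ordinary file permissions protect those paths.
  for d in /bin /lib /lib64 /usr; do
    if [ -e "$d" ]; then set -- "$@" -b "$d"; fi
  done
  set -- "$@" /bin/sh "$script"
  if [ -n "${CONFINE_DRY_RUN:-}" ]; then
    printf '%s\n' "$*"
    return 0
  fi
  command -v proot >/dev/null 2>&1 || { echo "proot not installed" >&2; return 127; }
  "$@"
}

# Clone "$1" into a scratch directory and run "$2" (e.g. Kconfig) inside it.
confine_clone_and_run() {
  url=$1 script=$2
  work=$(mktemp -d) || return 1
  git clone -q -- "$url" "$work/repo" || return 1
  # "./Kconfig" in the repository is "/Kconfig" once the repository is "/".
  confine_run "$work/repo" "/$script"
}
```

Because the bound host directories are writable through the bind, this only narrows what the script can reach; it is the file-system-only isolation the answer warns about, not a full sandbox.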