source-git / ksh

Clone
Source Code
GIT

Blame src/cmd/ksh93/tests/restricted.sh

c8 c8s master
  1.   a8c26ce6a5c8f222432da3c65b78237f94b1efef
  2.   src
  3.   cmd
  4.   ksh93
  5.   tests
  6.   restricted.sh
Blob History Raw
Packit Service a8c26c 
########################################################################
Packit Service a8c26c 
#                                                                      #
Packit Service a8c26c 
#               This software is part of the ast package               #
Packit Service a8c26c 
#          Copyright (c) 1982-2011 AT&T Intellectual Property          #
Packit Service a8c26c 
#                      and is licensed under the                       #
Packit Service a8c26c 
#                 Eclipse Public License, Version 1.0                  #
Packit Service a8c26c 
#                    by AT&T Intellectual Property                     #
Packit Service a8c26c 
#                                                                      #
Packit Service a8c26c 
#                A copy of the License is available at                 #
Packit Service a8c26c 
#          http://www.eclipse.org/org/documents/epl-v10.html           #
Packit Service a8c26c 
#         (with md5 checksum b35adb5213ca9657e911e9befb180842)         #
Packit Service a8c26c 
#                                                                      #
Packit Service a8c26c 
#              Information and Software Systems Research               #
Packit Service a8c26c 
#                            AT&T Research                             #
Packit Service a8c26c 
#                           Florham Park NJ                            #
Packit Service a8c26c 
#                                                                      #
Packit Service a8c26c 
#                  David Korn <dgk@research.att.com>                   #
Packit Service a8c26c 
#                                                                      #
Packit Service a8c26c 
########################################################################
Packit Service a8c26c 
function err_exit
Packit Service a8c26c 
{
Packit Service a8c26c 
	print -u2 -n "\t"
Packit Service a8c26c 
	print -u2 -r ${Command}[$1]: "${@:2}"
Packit Service a8c26c 
	let Errors+=1
Packit Service a8c26c 
}
Packit Service a8c26c 
alias err_exit='err_exit $LINENO'
Packit Service a8c26c
Packit Service a8c26c 
Command=${0##*/}
Packit Service a8c26c 
integer Errors=0
Packit Service a8c26c
Packit Service a8c26c 
tmp=$(mktemp -dt) || { err_exit mktemp -dt failed; exit 1; }
Packit Service a8c26c 
trap "cd /; rm -rf $tmp" EXIT
Packit Service a8c26c
Packit Service a8c26c 
# test restricted shell
Packit Service a8c26c 
pwd=$PWD
Packit Service a8c26c 
case $SHELL in
Packit Service a8c26c 
/*)	;;
Packit Service a8c26c 
*/*)	SHELL=$pwd/$SHELL;;
Packit Service a8c26c 
*)	SHELL=$(whence "$SHELL");;
Packit Service a8c26c 
esac
Packit Service a8c26c 
function check_restricted
Packit Service a8c26c 
{
Packit Service a8c26c 
	rm -f out
Packit Service a8c26c 
	LC_MESSAGES=C rksh -c "$@" 2> out > /dev/null
Packit Service a8c26c 
	grep restricted out  > /dev/null 2>&1
Packit Service a8c26c 
}
Packit Service a8c26c
Packit Service a8c26c 
[[ $SHELL != /* ]] && SHELL=$pwd/$SHELL
Packit Service a8c26c 
cd $tmp || err_exit "cd $tmp failed"
Packit Service a8c26c 
ln -s $SHELL rksh
Packit Service a8c26c 
PATH=$PWD:$PATH
Packit Service a8c26c 
rksh -c  '[[ -o restricted ]]' || err_exit 'restricted option not set'
Packit Service a8c26c 
[[ $(rksh -c 'print hello') == hello ]] || err_exit 'unable to run print'
Packit Service a8c26c 
check_restricted /bin/echo || err_exit '/bin/echo not resticted'
Packit Service a8c26c 
check_restricted ./echo || err_exit './echo not resticted'
Packit Service a8c26c 
check_restricted 'SHELL=ksh' || err_exit 'SHELL asignment not resticted'
Packit Service a8c26c 
check_restricted 'PATH=/bin' || err_exit 'PATH asignment not resticted'
Packit Service a8c26c 
check_restricted 'FPATH=/bin' || err_exit 'FPATH asignment not resticted'
Packit Service a8c26c 
check_restricted 'ENV=/bin' || err_exit 'ENV asignment not resticted'
Packit Service a8c26c 
check_restricted 'print > file' || err_exit '> file not restricted'
Packit Service a8c26c 
> empty
Packit Service a8c26c 
check_restricted 'print <> empty' || err_exit '<> file not restricted'
Packit Service a8c26c 
print 'echo hello' > script
Packit Service a8c26c 
chmod +x ./script
Packit Service a8c26c 
! check_restricted script ||  err_exit 'script without builtins should run in restricted mode'
Packit Service a8c26c 
check_restricted ./script ||  err_exit 'script with / in name should not run in restricted mode'
Packit Service a8c26c 
print '/bin/echo hello' > script
Packit Service a8c26c 
! check_restricted script ||  err_exit 'script with pathnames should run in restricted mode'
Packit Service a8c26c 
print 'echo hello> file' > script
Packit Service a8c26c 
! check_restricted script ||  err_exit 'script with output redirection should run in restricted mode'
Packit Service a8c26c 
print 'PATH=/bin' > script
Packit Service a8c26c 
! check_restricted script ||  err_exit 'script with PATH assignment should run in restricted mode'
Packit Service a8c26c 
cat > script <
Packit Service a8c26c 
#! $SHELL
Packit Service a8c26c 
print hello
Packit Service a8c26c 
!
Packit Service a8c26c 
! check_restricted 'script;:' ||  err_exit 'script with #! pathname should run in restricted mode'
Packit Service a8c26c 
! check_restricted 'script' ||  err_exit 'script with #! pathname should run in restricted mode even if last command in script'
Packit Service a8c26c 
for i in PATH ENV FPATH
Packit Service a8c26c 
do	check_restricted  "function foo { typeset $i=foobar;};foo" || err_exit "$i can be changed in function by using typeset"
Packit Service a8c26c 
done
Packit Service a8c26c
Packit Service a8c26c 
exit $((Errors<125?Errors:125))

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation