Solved

Execution upon directory entrance?

Posted on 2004-03-26
17
352 Views
Last Modified: 2010-04-21
Just curious

If this is not possible, you'll still receive full credit saying "not possible"

But I was wondering if unix can automatically execute a script, (shell script or perl), upon entering a directory.

For example, lets say:

/usr/bin contains a script called "file_filter.sh".

Now, lets just say that "file_filter.sh" just contains a command like: ls -lart | grep -i ramble

So, we do this:

# pwd
/
# cd temp
# cd website
# cd Ramble
-rwx------   1 ramble    user       2166 Mar 19 11:21 index.html
-rw-------   1 ramble    user        877 Mar 19 11:21 something.cgi
drwx------   6 ramble    user        512 Mar 25 09:01 ..
-rwx------   1 ramble    user        852 Mar 26 11:22 README
drwxr-xr-x   2 ramble    user        512 Mar 26 14:38 .
#pwd
/temp/website/Ramble

So, upon entering the Ramble directory, the file_filter.sh script was executed, and displayed.


thanks_ramble
0
Comment
Question by:ramble
  • 4
  • 3
  • 2
  • +5
17 Comments
 
LVL 7

Assisted Solution

by:fim32
fim32 earned 50 total points
ID: 10691532
hmm, but to run a script and stay in the directory...

i would do this.  make your file_filter.sh like so:
#!/bin/sh
cd ${1}
ls -lart | grep -i ramble

then, make an alias named something like "chdir" (which doesn't exist on unix):
alias chdir=". file_filter.sh"

and then when you use chdir, it will work.

don't think you can alias cd and expect it to, tho, because the cd that you're using in your script would also get aliased... making a messy loop.
0
 
LVL 6

Assisted Solution

by:bira
bira earned 50 total points
ID: 10691973
Create an user whose home directory is /temp/website/ramble
create a .profile file to this user in this directory, containing the command:
 ls -lart | grep -i ramble

  Anytime you log as this user, the command will run
  automatically.
0
 
LVL 44

Assisted Solution

by:Karl Heinz Kremer
Karl Heinz Kremer earned 50 total points
ID: 10694445
It's not possible, this is not Windows :-) You may be able to play tricks with aliasing the cd command, but this will not work if you e.g. do a cd with the chdir system call (which would allow you to write your own cd command with e..g a Perl script that would circumvent your program).
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 9

Assisted Solution

by:Alf666
Alf666 earned 50 total points
ID: 10694883
Securitywise, it would be like hell with traps every other dir :-)

Imagine you are root, cd to /tmp and voila.... A nice hidden root shell script is created somewhere else.

BAAAAAD :-)
0
 

Author Comment

by:ramble
ID: 10695635

Yes, but perhaps it could be use *for* security purposes.  Kind of a tracking mechanism.  Imagine if the file_filter.sh was a mail.sh script, that would email someones pager, upon a user/power user entering/exploring areas that are otherwise restricted. (as well as logging enter time, and frequency)

Just a thought.
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10695696
I figured that you want to use this "non-feature" for security related purposes. That's why I said that it could be circumvented by very simple means.
You could modify your kernel file system drivers so that some program gets started (or the event gets logged to a log file), but short of messing with the kernel, it's not possible.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 50 total points
ID: 10696663
not possible, as khkremer said.
either replace or alias cd and/or ls, that's it
but keep in mind that you need to take everywher when you alias basic system or shell commands, there're infinite dragons ...
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 50 total points
ID: 10698795
ftp
ftp> !
$ cd /
$ .....
0
 
LVL 20

Assisted Solution

by:Gns
Gns earned 50 total points
ID: 10703812
... Just to add another "non-solution" (I agree with the above nay-sayers (Karl Heinz and Achim mainly:))... Some shells have a "prompt command feature" that you could vell use too... Horribly inefficient, and as easily fooled. For "security" of this kind we're looking at "(non-)shell menu systems" or accounting and hostbased IDSes.

-- Glenn
0
 
LVL 7

Expert Comment

by:fim32
ID: 10705990
ah, now if you really, really, really wanted to make this work... you could just rewrite the sh code?
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10707742
fim32 : Nope. As stated before. The real place is in the kernel. Though I would not want to have to write a kernel option that messes with user space files content...

If you just rewrite the shell, only the shell gets the security feature. Any other prog will circumvent it.

You'd have to add code to the chdir() and optionally open() system calls.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10708083
and modify semantics of any of few thousands of syscalls and make a system unlike any other in the world ....
0
 

Author Comment

by:ramble
ID: 10715506

gheist: what are you doing with the ftp?  Just wondering what you're thinking...

0
 
LVL 62

Expert Comment

by:gheist
ID: 10716020
that you can exec any command from within ftp client, telnet client, vi editor and many more, especially alternate shell.

Have a look at jail from freebsd and systrace from openbsd, one makes restricted full system within running system subtree, another allows to imply restrictions on syscalls made by programs, there must be something alike for Linux too.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 10721042
gheist, don't tell people the power of a 250kb program (vi), which they abandoned 20 years ago ;-))
0
 

Author Comment

by:ramble
ID: 10722407
Well, I undertood you were firing off a shell, but I wasn't sure what the:

$ .....

Which now, i presume, just means: etc...
0
 
LVL 62

Expert Comment

by:gheist
ID: 10723092
..... which means that you have unrestricted shell back.....
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question