We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Execution upon directory entrance?

ramble
ramble asked
on
Medium Priority
372 Views
Last Modified: 2010-04-21
Just curious

If this is not possible, you'll still receive full credit saying "not possible"

But I was wondering if unix can automatically execute a script, (shell script or perl), upon entering a directory.

For example, lets say:

/usr/bin contains a script called "file_filter.sh".

Now, lets just say that "file_filter.sh" just contains a command like: ls -lart | grep -i ramble

So, we do this:

# pwd
/
# cd temp
# cd website
# cd Ramble
-rwx------   1 ramble    user       2166 Mar 19 11:21 index.html
-rw-------   1 ramble    user        877 Mar 19 11:21 something.cgi
drwx------   6 ramble    user        512 Mar 25 09:01 ..
-rwx------   1 ramble    user        852 Mar 26 11:22 README
drwxr-xr-x   2 ramble    user        512 Mar 26 14:38 .
#pwd
/temp/website/Ramble

So, upon entering the Ramble directory, the file_filter.sh script was executed, and displayed.


thanks_ramble
Comment
Watch Question

Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
CERTIFIED EXPERT
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:

Yes, but perhaps it could be use *for* security purposes.  Kind of a tracking mechanism.  Imagine if the file_filter.sh was a mail.sh script, that would email someones pager, upon a user/power user entering/exploring areas that are otherwise restricted. (as well as logging enter time, and frequency)

Just a thought.
CERTIFIED EXPERT

Commented:
I figured that you want to use this "non-feature" for security related purposes. That's why I said that it could be circumvented by very simple means.
You could modify your kernel file system drivers so that some program gets started (or the event gets logged to a log file), but short of messing with the kernel, it's not possible.
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Top Expert 2015
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Gns
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Commented:
ah, now if you really, really, really wanted to make this work... you could just rewrite the sh code?

Commented:
fim32 : Nope. As stated before. The real place is in the kernel. Though I would not want to have to write a kernel option that messes with user space files content...

If you just rewrite the shell, only the shell gets the security feature. Any other prog will circumvent it.

You'd have to add code to the chdir() and optionally open() system calls.
Top Expert 2015

Commented:
and modify semantics of any of few thousands of syscalls and make a system unlike any other in the world ....

Author

Commented:

gheist: what are you doing with the ftp?  Just wondering what you're thinking...

Top Expert 2015

Commented:
that you can exec any command from within ftp client, telnet client, vi editor and many more, especially alternate shell.

Have a look at jail from freebsd and systrace from openbsd, one makes restricted full system within running system subtree, another allows to imply restrictions on syscalls made by programs, there must be something alike for Linux too.
gheist, don't tell people the power of a 250kb program (vi), which they abandoned 20 years ago ;-))

Author

Commented:
Well, I undertood you were firing off a shell, but I wasn't sure what the:

$ .....

Which now, i presume, just means: etc...
Top Expert 2015

Commented:
..... which means that you have unrestricted shell back.....
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.