Solved

Execution upon directory entrance?

Posted on 2004-03-26
17
348 Views
Last Modified: 2010-04-21
Just curious

If this is not possible, you'll still receive full credit saying "not possible"

But I was wondering if unix can automatically execute a script, (shell script or perl), upon entering a directory.

For example, lets say:

/usr/bin contains a script called "file_filter.sh".

Now, lets just say that "file_filter.sh" just contains a command like: ls -lart | grep -i ramble

So, we do this:

# pwd
/
# cd temp
# cd website
# cd Ramble
-rwx------   1 ramble    user       2166 Mar 19 11:21 index.html
-rw-------   1 ramble    user        877 Mar 19 11:21 something.cgi
drwx------   6 ramble    user        512 Mar 25 09:01 ..
-rwx------   1 ramble    user        852 Mar 26 11:22 README
drwxr-xr-x   2 ramble    user        512 Mar 26 14:38 .
#pwd
/temp/website/Ramble

So, upon entering the Ramble directory, the file_filter.sh script was executed, and displayed.


thanks_ramble
0
Comment
Question by:ramble
  • 4
  • 3
  • 2
  • +5
17 Comments
 
LVL 7

Assisted Solution

by:fim32
fim32 earned 50 total points
Comment Utility
hmm, but to run a script and stay in the directory...

i would do this.  make your file_filter.sh like so:
#!/bin/sh
cd ${1}
ls -lart | grep -i ramble

then, make an alias named something like "chdir" (which doesn't exist on unix):
alias chdir=". file_filter.sh"

and then when you use chdir, it will work.

don't think you can alias cd and expect it to, tho, because the cd that you're using in your script would also get aliased... making a messy loop.
0
 
LVL 6

Assisted Solution

by:bira
bira earned 50 total points
Comment Utility
Create an user whose home directory is /temp/website/ramble
create a .profile file to this user in this directory, containing the command:
 ls -lart | grep -i ramble

  Anytime you log as this user, the command will run
  automatically.
0
 
LVL 44

Assisted Solution

by:Karl Heinz Kremer
Karl Heinz Kremer earned 50 total points
Comment Utility
It's not possible, this is not Windows :-) You may be able to play tricks with aliasing the cd command, but this will not work if you e.g. do a cd with the chdir system call (which would allow you to write your own cd command with e..g a Perl script that would circumvent your program).
0
 
LVL 9

Assisted Solution

by:Alf666
Alf666 earned 50 total points
Comment Utility
Securitywise, it would be like hell with traps every other dir :-)

Imagine you are root, cd to /tmp and voila.... A nice hidden root shell script is created somewhere else.

BAAAAAD :-)
0
 

Author Comment

by:ramble
Comment Utility

Yes, but perhaps it could be use *for* security purposes.  Kind of a tracking mechanism.  Imagine if the file_filter.sh was a mail.sh script, that would email someones pager, upon a user/power user entering/exploring areas that are otherwise restricted. (as well as logging enter time, and frequency)

Just a thought.
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
Comment Utility
I figured that you want to use this "non-feature" for security related purposes. That's why I said that it could be circumvented by very simple means.
You could modify your kernel file system drivers so that some program gets started (or the event gets logged to a log file), but short of messing with the kernel, it's not possible.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 50 total points
Comment Utility
not possible, as khkremer said.
either replace or alias cd and/or ls, that's it
but keep in mind that you need to take everywher when you alias basic system or shell commands, there're infinite dragons ...
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 50 total points
Comment Utility
ftp
ftp> !
$ cd /
$ .....
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 20

Assisted Solution

by:Gns
Gns earned 50 total points
Comment Utility
... Just to add another "non-solution" (I agree with the above nay-sayers (Karl Heinz and Achim mainly:))... Some shells have a "prompt command feature" that you could vell use too... Horribly inefficient, and as easily fooled. For "security" of this kind we're looking at "(non-)shell menu systems" or accounting and hostbased IDSes.

-- Glenn
0
 
LVL 7

Expert Comment

by:fim32
Comment Utility
ah, now if you really, really, really wanted to make this work... you could just rewrite the sh code?
0
 
LVL 9

Expert Comment

by:Alf666
Comment Utility
fim32 : Nope. As stated before. The real place is in the kernel. Though I would not want to have to write a kernel option that messes with user space files content...

If you just rewrite the shell, only the shell gets the security feature. Any other prog will circumvent it.

You'd have to add code to the chdir() and optionally open() system calls.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
and modify semantics of any of few thousands of syscalls and make a system unlike any other in the world ....
0
 

Author Comment

by:ramble
Comment Utility

gheist: what are you doing with the ftp?  Just wondering what you're thinking...

0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
that you can exec any command from within ftp client, telnet client, vi editor and many more, especially alternate shell.

Have a look at jail from freebsd and systrace from openbsd, one makes restricted full system within running system subtree, another allows to imply restrictions on syscalls made by programs, there must be something alike for Linux too.
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
gheist, don't tell people the power of a 250kb program (vi), which they abandoned 20 years ago ;-))
0
 

Author Comment

by:ramble
Comment Utility
Well, I undertood you were firing off a shell, but I wasn't sure what the:

$ .....

Which now, i presume, just means: etc...
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
..... which means that you have unrestricted shell back.....
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now