How to disable linux UNZIP function ?

Posted on 2009-02-13
Last Modified: 2013-12-26

May i know how to disable "unzip" from running my my shared hosting user ?

I would like to disable the zipfile from being extracted using the server unzip function.

My server are using Centos 5.2 Enterprise.

Appreciates if anybody can help me on this .

Thank you.
Question by:smksa
    LVL 68

    Accepted Solution

    locate your zip/unzip binaries and remove their 'execute' flag for 'others'
    chmod o-x [/path/to/zip] [/path/to/unzip]
    and see if this helps.
    LVL 8

    Assisted Solution

    If you don't want to completely uninstall the unzip command you might think of a symbolic link like this:

    (I consider unzip to live under /usr/bin)

    ln -s /bin/true /usr/local/bin/unzip  (you might need to adapt the path to your needs just make sure the link file is in a path that appears first in the users $PATH environment)

    Of course this way th users could still call /usr/bin/unzip explicitly. But if they just type "unzip" it will just return "true"

    Otherwise you could change the mode of /usr/bin/unzip like this "chmod go-x /usr/bin/unzip" this way only the owner (probably root) can run it. The drawback is, this might be overwritten on update.
    LVL 29

    Expert Comment

    are you saying you dont want user to excute "tar  " such tar -xvzf command  ??

    in that case i dont think its possible

    you an woolmilkporc and mostart to chage file permisison ..

    but if you could of explain little bit more it would be good understand
    LVL 29

    Expert Comment

    Or if you want just after unzip command

    which is :

    then you can do

    rpm -e unzip

    it sould delete unzip command from your system
    LVL 5

    Expert Comment

    Anyway, a malicious user who has write access to any directory in your system, even just /tmp, could still install an unzip executable and run it; a workaround could be to mount all the user writable filsystems with the noexec option (see man mount) so that users cannot run executables installed there, but this may break some applications.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
    Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now