diff options
| author | magikcypress <cyp@rouquin.me> | 2017-04-18 02:47:58 +0200 |
|---|---|---|
| committer | magikcypress <cyp@rouquin.me> | 2017-04-18 02:47:58 +0200 |
| commit | 128aa107baf2bbf713a6af43182e1bc6d9c7a1a7 (patch) | |
| tree | c6ccfef70b81223ee61e28b2c6106a862c51ad8d /scripts/.fonctions | |
| parent | cfdc9938e270ce9bd92446f628101f0b67db3e32 (diff) | |
| download | mastodon_ynh-128aa107baf2bbf713a6af43182e1bc6d9c7a1a7.tar.gz mastodon_ynh-128aa107baf2bbf713a6af43182e1bc6d9c7a1a7.tar.bz2 mastodon_ynh-128aa107baf2bbf713a6af43182e1bc6d9c7a1a7.zip | |
[fix] secure rm + upgrade
Diffstat (limited to 'scripts/.fonctions')
| -rw-r--r-- | scripts/.fonctions | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/scripts/.fonctions b/scripts/.fonctions index 0a148a6..064a0c9 100644 --- a/scripts/.fonctions +++ b/scripts/.fonctions @@ -226,3 +226,31 @@ ynh_psql_drop_db() { ynh_psql_drop_user() { sudo su -c "dropuser ${1}" postgres } + +# Remove a file or a directory securely +# +# usage: ynh_secure_remove path_to_remove +# | arg: path_to_remove - File or directory to remove +ynh_secure_remove () { + path_to_remove=$1 + forbidden_path=" \ + /var/www \ + /home/yunohost.app" + + if [[ "$forbidden_path" =~ "$path_to_remove" \ + # Match all path or subpath in $forbidden_path + || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ + # Match all first level path from / (Like /var, /root, etc...) + || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] + # Match if the path finish by /. Because it's seems there is an empty variable + then + echo "Avoid deleting of $path_to_remove." >&2 + else + if [ -e "$path_to_remove" ] + then + sudo rm -R "$path_to_remove" + else + echo "$path_to_remove doesn't deleted because it's not exist." >&2 + fi + fi +}
\ No newline at end of file |