You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33 lines
1.5 KiB
33 lines
1.5 KiB
#!/bin/bash
|
|
|
|
ENABLED=yes
|
|
[ "$ENABLED" != "yes" ] && exit 0
|
|
DEBUGMODE=no
|
|
|
|
unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=.
|
|
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
|
|
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
|
|
debug_mode "$0" "$@"
|
|
|
|
SYSCONF="${ROOTFS}/${SYSCONF}"
|
|
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
|
|
SOURCE=${SYSCONF}/security; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
|
|
|
|
exec_access_denied_interpreter(){
|
|
## Ограничить запуск интерпретаторов языков программирования в интерактивном режиме
|
|
if [[ -n ${ACCESS_DENIED_INTERPRETER[@]} ]]; then
|
|
for PATH_WORK_INTERPRETER in "${!ACCESS_DENIED_INTERPRETER[@]}"; do
|
|
DENIED_INTERPRETER=$(tr [[:space:]],\; $'\n' <<< ${ACCESS_DENIED_INTERPRETER[${PATH_WORK_INTERPRETER}]})
|
|
[[ ${DENIED_INTERPRETER,,} == "all" ]] && DENIED_INTERPRETER="gbr3,python,python2,python3,perl,perl6,php,ruby,node,awk,gawk"
|
|
[[ ${PATH_WORK_INTERPRETER} == 0 ]] && PATH_WORK_INTERPRETER="${ROOTFS}/usr/bin ${ROOTFS}/usr/local/bin ${ROOTFS}/usr/local/sbin ${ROOTFS}/home"
|
|
LIST_INTERPRETER=$(printf " -name %s -o" ${DENIED_INTERPRETER})
|
|
find ${PATH_WORK_INTERPRETER} -type f -perm /g=x \( ${LIST_INTERPRETER%-o*} \) -exec chmod --quiet o-x {} +
|
|
done
|
|
fi
|
|
}
|
|
|
|
################
|
|
##### MAIN #####
|
|
################
|
|
|
|
exec_access_denied_interpreter $@ |