I made an apache-like server in C for a class but sadly it allows clients to see files and folders all over my filesystem. I can probably do a lot of parsing of the request to avoid this, but I doubt that's the best way to go about it. Is there some way to only give permissions to the server to access things inside its current folder? (either via code or by configuring something in the Operating System itself) It calls "ls" to view the filesystem, I suspect that might be very relevant.

  • Well I don't know, maybe [googling it](https://www.google.fr/search?q=How+do+I+make+sure+a+program+only+has+access+to+it%27s+own+folder+and+subfolders&ie=utf-8&oe=utf-8&gws_rd=cr&ei=cY55VYXDMOSc7gb4y4LYAg#safe=off&q=restrict+program+access+to+its+folder+linux) would have told you about [chroot](http://stackoverflow.com/questions/4518334/can-i-restrict-access-to-certain-files-for-a-certain-process)? – Eregrith Jun 11 '15 at 13:36
  • I would think you would do this through a combination of permissions and some sort of a config file. Your server should not be running as root but rather its own user, like how apache runs as _www or something like that. Also have a config for each site telling your server which folder is the root folder so the application knows it can only access files in that folder and deeper. But all in all this question is too long to be answered on Stack and you're just going to get a million opinions. – Squeegy Jun 11 '15 at 13:38
  • I did try a few queries and wasn't finding anything relevant, I wasn't wording it right, I guess. Thanks! – Ricardo Amendoeira Jun 11 '15 at 13:40
  • I already have a prefix path, the problem is with the /../ strings. I thought about parsing and rejecting them but I'm afraid there might be other similar problems that I'll miss. – Ricardo Amendoeira Jun 11 '15 at 13:49
  • Using shell tools is always dangerous, as they are not designed to be used through a web interface. You should first implement your own directory crawler which first converts a relative path to an absolute one and restricts its usage to the allowed path (including not running as root, of course). – too honest for this site Jun 11 '15 at 14:00

1 Answer

Spawn a new process for each incoming connection and let it do a chroot() to a safe location as 1st step.

This however makes it necessary to have the spawning process run as user root. After having changed their root the spawned children then would switch to a user with limited rights using setuid().

alk
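The sequence the answer describes (chroot in the per-connection child, then drop to an unprivileged user), together with a lexical check for the `/../` problem raised in the comments, as an added example in C that is not code from the question or the answer; `docroot`, the uid/gid values and the request strings are assumptions:

```c
#define _GNU_SOURCE
#include <grp.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

/* Run in the forked per-connection child, before any request is read.
 * chroot() needs root, so it goes first; chdir("/") moves the cwd inside
 * the new root; groups are changed before setuid(), which is the last step
 * because after it the process can no longer change ids. */
int confine_and_drop(const char *docroot, uid_t uid, gid_t gid)
{
    if (chroot(docroot) != 0 || chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    /* The drop must be irreversible: if root can be regained, refuse to serve. */
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

/* Lexically resolve "." and ".." in an (already URL-decoded) request path,
 * without touching the filesystem. Returns 0 and fills out, or -1 when the path
 * would climb above the document root. Complements the chroot; it does not
 * resolve symlinks inside docroot, so it is not a replacement for it. */
int normalize_request_path(const char *req, char *out, size_t outsz)
{
    char buf[4096], *save = NULL; size_t depth = 0;
    if (strlen(req) >= sizeof buf || outsz < 2) return -1;
    strcpy(buf, req);
    out[0] = '\0';
    for (char *seg = strtok_r(buf, "/", &save); seg; seg = strtok_r(NULL, "/", &save)) {
        if (strcmp(seg, ".") == 0) continue;
        if (strcmp(seg, "..") == 0) {
            if (depth == 0) return -1;                 /* would escape the root */
            *strrchr(out, '/') = '\0'; depth--;        /* pop the last segment */
            continue;
        }
        if (strlen(out) + strlen(seg) + 2 > outsz) return -1;
        strcat(out, "/");
        strcat(out, seg);
        depth++;
    }
    if (depth == 0) strcpy(out, "/");   /* everything cancelled out */
    return 0;
}

const char *resolve_request(const char *req)   /* NULL means the request is rejected */
{
    static char out[4096];
    return normalize_request_path(req, out, sizeof out) == 0 ? out : NULL;
}
```

Call `confine_and_drop()` right after `fork()` in the child (the listening parent keeps root, as the answer notes), then pass every client path through `resolve_request()` and open the result relative to the new root instead of shelling out to `ls`.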