
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichael Boelen <michael.boelen@cisofy.com>2017-03-13 13:57:23 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2017-03-13 13:57:23 +0300
commit7d17bfbbd707e7955a2b2e43047302dd5737dc12 (patch)
tree740578fda10b38e5c0a8208ea0a8c408f28ba154
parentad779f29eb2ea5593907d9eba0547e6c8b7aeee8 (diff)
Escape file when needed to test if it is readable
-rw-r--r--include/functions41
1 files changed, 21 insertions, 20 deletions
diff --git a/include/functions b/include/functions
index f8d919d6..ba8149de 100644
--- a/include/functions
+++ b/include/functions
@@ -746,51 +746,52 @@
sFILE=$1
CANREAD=0
RETVAL=1
- LogText "Test: check if we can access ${sFILE}"
+ escaped_file=$(echo ${sFILE} | sed 's/\*/\\*/; s/\?/\\?/')
+ LogText "Test: check if we can access ${sFILE} (escaped: ${escaped_file})"
# Check for symlink
- if [ -L ${sFILE} ]; then
- ShowSymlinkPath ${sFILE}
- if [ ! "${SYMLINK}" = "" ]; then sFILE="${SYMLINK}"; fi
+ if [ -L ${escaped_file} ]; then
+ ShowSymlinkPath ${escaped_file}
+ if [ ! -z "${SYMLINK}" ]; then escaped_file="${SYMLINK}"; fi
fi
# Only check the file if it isn't a symlink (after previous check)
- if [ -L ${sFILE} ]; then
+ if [ -L ${escaped_file} ]; then
OTHERPERMS="-"
LogText "Result: unclear if we can read this file, as this is a symlink"
ReportException "FileIsReadable" "Can not determine symlink ${sFILE}"
- elif [ -d ${sFILE} ]; then
- OTHERPERMS=$(ls -d -l ${sFILE} | cut -c 8)
- elif [ -f ${sFILE} ]; then
- OTHERPERMS=$(ls -d -l ${sFILE} | cut -c 8)
- else
+ elif [ -d ${escaped_file} ]; then
+ OTHERPERMS=$(${LSBINARY} -d -l ${escaped_file} | ${CUTBINARY} -c 8)
+ elif [ -f ${escaped_file} ]; then
+ OTHERPERMS=$(${LSBINARY} -d -l ${escaped_file} | ${CUTBINARY} -c 8)
+ else
OTHERPERMS="-"
fi
# Also check if we are the actual owner of the file (use -d to get directory itself, if its a directory)
- FILEOWNER=$(ls -dln ${sFILE} | awk -F" " '{ print $3 }')
+ FILEOWNER=$(ls -dln ${escaped_file} | ${AWKBINARY} -F" " '{ print $3 }')
if [ "${FILEOWNER}" = "${MYID}" ]; then
LogText "Result: file is owned by our current user ID (${MYID}), checking if it is readable"
if [ -L ${sFILE} ]; then
LogText "Result: unclear if we can read this file, as this is a symlink"
- ReportException "FileIsReadable" "Can not determine symlink ${sFILE}"
- elif [ -d ${sFILE} ]; then
- OTHERPERMS=$(ls -d -l ${sFILE} | cut -c 2)
- elif [ -f ${sFILE} ]; then
- OTHERPERMS=$(ls -d -l ${sFILE} | cut -c 2)
+ ReportException "FileIsReadable" "Can not determine symlink ${escaped_file}"
+ elif [ -d ${escaped_file} ]; then
+ OTHERPERMS=$(${LSBINARY} -d -l ${escaped_file} | ${CUTBINARY} -c 2)
+ elif [ -f ${escaped_file} ]; then
+ OTHERPERMS=$(${LSBINARY} -l ${escaped_file} | ${CUTBINARY} -c 2)
fi
- else
+ else
LogText "Result: file is not owned by current user ID (${MYID}), but UID ${FILEOWNER}"
fi
# Check if we are root, or have the read bit
if [ "${MYID}" = "0" -o "${OTHERPERMS}" = "r" ]; then
CANREAD=1
- LogText "Result: file ${sFILE} is readable (or directory accessible)."
+ LogText "Result: file ${escaped_file} is readable (or directory accessible)."
return 0
- else
+ else
return 1
- LogText "Result: file ${sFILE} is NOT readable (or directory accessible), symlink, or does not exist. (OTHERPERMS: ${OTHERPERMS})"
+ LogText "Result: file ${escaped_file} is NOT readable (or directory accessible), symlink, or does not exist. (OTHERPERMS: ${OTHERPERMS})"
fi
}
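Review bot: The new `escaped_file=` line does not protect the path: `echo ${sFILE}` is unquoted, so the shell word-splits and glob-expands the value before sed sees it, and without a `g` flag the sed expressions escape only the first `*` and `?`. Quoting the expansions handles wildcards and whitespace without a second variable, e.g. `if [ -L "${sFILE}" ]; then` and `OTHERPERMS=$(${LSBINARY} -d -l "${sFILE}" | ${CUTBINARY} -c 8)`. The unchanged `if [ -L ${sFILE} ]` inside the owner branch now tests the original path, because only `escaped_file` is reassigned to `${SYMLINK}`, so an owned symlink that was resolved earlier appears to fall into the "unclear" branch and raise an exception. The final `LogText` still sits after `return 1` and never runs, so the "NOT readable" result is never logged; swapping the two lines fixes that. The function's opening line is outside the hunk.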