New helper ynh_secure_remove (#281)

* New helper ynh_secure_remove A secure way to remove a file or directory. Prevent to knew issues. Tested with this paths: - / -> Not removed - /var -> Not removed - /var/www -> Not removed - /var/www/file -> Removed - /opt -> Not removed - /opt/file -> Removed - /home/yunohost.app -> Not removed - /home -> Not removed - /home/ -> Not removed - // -> Not removed - /etc/cron.d/ -> Not removed - /etc -> Not removed - /etc/ -> Not removed - /etc/X11 -> Removed - /etc/X11/$var -> Removed (if $var is not empty) * JimboJoe's typo fix
2024-09-03 20:06:10 +02:00 · 2017-04-30 22:37:52 +02:00 · 2017-04-30 22:37:52 +02:00 · 47ce6d9e33
commit 47ce6d9e33
parent 6cc237dcca
1 changed files with 28 additions and 0 deletions
--- a/data/helpers.d/filesystem
+++ b/data/helpers.d/filesystem
@ -80,3 +80,31 @@ properly with chmod/chown." >&2
    chmod 755 $TMP_DIR
    echo $TMP_DIR
 }
+
+# Remove a file or a directory securely
+#
+# usage: ynh_secure_remove path_to_remove
+# | arg: path_to_remove - File or directory to remove
+ynh_secure_remove () {
+	path_to_remove=$1
+	forbidden_path=" \
+	/var/www \
+	/home/yunohost.app"
+
+	if [[ "$forbidden_path" =~ "$path_to_remove" \
+		# Match all paths or subpaths in $forbidden_path
+		|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
+		# Match all first level paths from / (Like /var, /root, etc...)
+		|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
+		# Match if the path finishes by /. Because it seems there is an empty variable
+	then
+		echo "Avoid deleting $path_to_remove." >&2
+	else
+		if [ -e "$path_to_remove" ]
+		then
+			sudo rm -R "$path_to_remove"
+		else
+			echo "$path_to_remove wasn't deleted because it doesn't exist." >&2
+		fi
+	fi
+}