LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   File interrogation/removal script (https://www.linuxquestions.org/questions/linux-software-2/file-interrogation-removal-script-472415/)

kenwoodgt 08-09-2006 04:14 PM
File interrogation/removal script
 
I am running vsFTPd 2.0.4 on Debain Sarge 3.1:

As part of our security measures we are adding a certain number
of characters as a time stamp and an underscore before the actual
name of files being uploaded to the server. I am looking for a bit
of help writing the script that looks to see if there are the number
of characters we are using plus the underscore - and delete anything
else. (People are allowed to upload about anything, but the script
will be running every few minutes via cron and delete files accordingly)

ex.) if the actual file is blah.mp3, our custom api will upload

*****_blah.mp3

The script needs to be able to delete any file that does not have

*****_ in front of it.

Im currently looking into sed & awk, but if there is another quick way
i am all ears.


Any help is greatly appreciated. Thank you in advance.

unSpawn 08-09-2006 05:15 PM
As part of our security measures we are adding a certain number of characters as a time stamp and an underscore before the actual name of files being uploaded to the server.
What effect does adding those have on security?


I am looking for a bit of help writing the script that looks to see
Show us what you've got sofar?


if there are the number of characters we are using plus the underscore - and delete anything else.
String contains chars: i="string", number of chars in string is: ${#i}
If underscore must reside on position after ${#i} chars, then testing position $[${#i}+1] should match.
If anywhere then an "expr match string regex" or "echo string | grep -q char" could do.
Deleting from total string length after pos n is just keeping ${i:0:n}.

kenwoodgt 08-10-2006 08:52 AM
What effect does adding those have on security?

I know that jsut adding the characters does not provide
any form of security whatsoever. But when coupled with
the script in question, files without this string of
characters will be deleted. Cron will probably be running
the script every minute. The idea is that if anyone does
happen to use this as a personal ftp dumpbox, all files
without the set number of characters will be removed.
That is not our main security if thats what you are
wondering. We are using SSL, and a few other security
measures.


Show us what you've got sofar?

Well, i have never really written an iterrogative script
before. The only other script i have written is one to
remove files after a certain number of days like this:
#! /bin/sh
#RM Files older than 7days
#
find /home/user1/southwest -type f -mtime +7 -exec rm "{}" \;

Any help you could give would be great. As for what you wrote
in the last post, im not sure if i understand much of that, as
i have very limited experience with script writing. You may
have to dumb it down a bit for me. Thanks.

unSpawn 08-10-2006 12:33 PM
I know that jsut adding the characters does not provide any form of security whatsoever. But when coupled with
the script in question, files without this string of characters will be deleted.
So it's more of a file management thing.


We are using SSL, and a few other security measures.
Nice, but if for instance you don't chown uploads to an inert user then if someone has a shell and is allowed uploads you could be in for trouble if you run a vulnerable FTPd. Best look at restricting access in the OS and the daemon+config combo first.


Well, i have never really written an iterrogative script
Code:
#!/bin/sh
# Check filename for required chars
progn="filecheck"; static_str_width="8"
if [ "$#" = "0" ]; then exit 1; fi; while getopts htp: OPT; do case "$OPT" in p) dir="${OPTARG}";;
t) t="echo";; h|-h|--help|*) echo "${progn}: (-t =test) -p /search/path"; exit 1;; esac; done
if [ -d "${dir}" ]; then find ${dir} -type f | while read f; do fn=$(basename "${f}")
[ "$(expr match ${fn:0:$static_str_width} "[0-9].*" 2>/dev/null)" = "$static_str_width" ] || $t rm -f "${f}"
[ "$(expr index ${fn:$static_str_width:1} _ 2>/dev/null)" = "1" ] || $t rm -f "${f}"
done; else echo "${progn} [FATAL]: no dir \"${dir}"\" 1>&2; exit 127; fi; exit 0
Save, make executable. static_str_width="8" means you have eight chars (20060213) before underscore. Change if needed but remember underscore will be n+1. Flag "-t" tests. One flag necessary: -p /path/to/files. Run to see if it gives errors. If none run without "-t". YMMV(VM).


All times are GMT -5. The time now is 09:57 AM.