Halim Sahin wrote: > Sorry if my question was not understood correctly. > I don't want to run sxfe/vdr etc under a chroot env. > My concerns are about the built-in filebrowser of xineliboutput. > It should be restricted to a special folder like /media. > This would avoid damages to the system :-). > More ideas? To prevent modifying system files you should run vdr as a normal user (--user=vdr). Just don't give it write access to any places other than /media (and /video ?). Of course this doesn't protect VDR config files and recordings ... For the file browser you can try the attached, untested patch. Add the following line to vdr's setup.conf: xineliboutput.Media.RootDir=/media Note that it is not bulletproof; one can easily bypass the checks with symlinks, like ln -s / /media/root. - Petri
Index: config.h
===================================================================
RCS file: /cvsroot/xineliboutput/vdr-xineliboutput/config.h,v
retrieving revision 1.67
diff -u -r1.67 config.h
--- config.h 31 Oct 2009 19:59:50 -0000 1.67
+++ config.h 13 Nov 2009 12:00:29 -0000
@@ -318,6 +322,7 @@
 int dvb_subtitles; // send DVB subtitles in data stream (decode+display using xine-lib or external media player)
 // Media player
+ char media_root_dir[4096]; // restrict file browser
 char browse_files_dir[4096];
 char browse_music_dir[4096];
 char browse_images_dir[4096];
Index: config.c
===================================================================
RCS file: /cvsroot/xineliboutput/vdr-xineliboutput/config.c,v
retrieving revision 1.86
diff -u -r1.86 config.c
--- config.c 25 Oct 2009 12:56:11 -0000 1.86
+++ config.c 13 Nov 2009 12:00:29 -0000
@@ -662,6 +696,7 @@
 ff_h264_speed_over_accurancy = FF_H264_SPEED_OVER_ACCURACY_auto;
 ff_h264_skip_loop_filter = FF_H264_SKIP_LOOPFILTER_auto;
+ strn0cpy(media_root_dir, "/", sizeof(media_root_dir));
 strn0cpy(browse_files_dir, VideoDirectory, sizeof(browse_files_dir));
 strn0cpy(browse_music_dir, VideoDirectory, sizeof(browse_music_dir));
 strn0cpy(browse_images_dir, VideoDirectory, sizeof(browse_images_dir));
@@ -918,6 +962,7 @@
 else if (!strcasecmp(Name, "Post.denoise3d.chroma")) denoise3d_chroma = atoi(Value);
 else if (!strcasecmp(Name, "Post.denoise3d.time")) denoise3d_time = atoi(Value);
+ else if (!strcasecmp(Name, "Media.RootDir")) STRN0CPY(media_root_dir, Value);
 else if (!strcasecmp(Name, "Media.BrowseFilesDir")) STRN0CPY(browse_files_dir, Value);
 else if (!strcasecmp(Name, "Media.BrowseMusicDir")) STRN0CPY(browse_music_dir, Value);
 else if (!strcasecmp(Name, "Media.BrowseImagesDir")) STRN0CPY(browse_images_dir, Value);
Index: menu.c
===================================================================
RCS file: /cvsroot/xineliboutput/vdr-xineliboutput/menu.c,v
retrieving revision 1.71
diff -u -r1.71 menu.c
--- menu.c 11 Nov 2009 16:09:09 -0000 1.71
+++ menu.c 13 Nov 2009 12:00:29 -0000
@@ -139,6 +140,13 @@
 if(!m_CurrentDir) m_CurrentDir = strdup(m_ConfigLastDir);
+ int RootDirLen = strlen(xc.media_root_dir);
+ if (strncmp(m_CurrentDir, xc.media_root_dir, RootDirLen)) {
+ LOGMSG("Not allowing browsing to %s (root is %s)", m_CurrentDir, xc.media_root_dir);
+ free(m_CurrentDir);
+ m_CurrentDir = strdup(xc.media_root_dir);
+ }
+
 if(m_CurrentDir[0] != '/') {
 free(m_CurrentDir);
 m_CurrentDir = strdup(VideoDirectory);
@@ -152,7 +160,8 @@
 }
 // add link to parent folder
- if(strlen(m_CurrentDir) > 1)
+ int CurrentDirLen = strlen(m_CurrentDir);
+ if (CurrentDirLen > 1 && CurrentDirLen > RootDirLen)
 Add(new cFileListItem("..",true));
 Sort();
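Review bot: `Media.RootDir` is stored exactly as written in setup.conf, but the check added to menu.c only works for an absolute path: an empty value gives a root length of 0, for which `strncmp` always returns 0, so the restriction is silently switched off, and a relative value can never be a prefix of the absolute browse directory. Accepting only absolute values here, `else if (!strcasecmp(Name, "Media.RootDir")) { if (Value[0] == '/') STRN0CPY(media_root_dir, Value); }`, would keep an unusable value out of `media_root_dir`; a log message for the rejected value would make the misconfiguration visible. The field comment in config.h could state the contract too, e.g. `// file browser is confined to this absolute path; "/" means no restriction`. The else-if chain starts and ends outside the hunk.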
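Review bot: The `strncmp(m_CurrentDir, xc.media_root_dir, RootDirLen)` test in the first menu.c hunk is a plain string-prefix match, so with `Media.RootDir=/media` a sibling directory such as `/media2` is accepted, and a path that still contains `..` components would pass as well if the browser ever stores one (not visible here). Comparing `realpath()` results and requiring the character after the root to be `/` or the end of the string closes the prefix gap and resolves symlinks for the directory at the time of the check; files selected inside it would need the same test where they are opened, which is outside this patch. Two further points: the check runs before the existing `m_CurrentDir[0] != '/'` fallback, which switches to `VideoDirectory` without testing it against the root, and the `CurrentDirLen > RootDirLen` test in the second hunk only hides the `..` entry, so it is only as reliable as this check. The enclosing function starts and ends outside both hunks; the sketch below is untested, keeps the `RootDirLen` name that the second hunk uses, and assumes that storing the canonical path in `m_CurrentDir` is acceptable to the rest of the class.

```cpp
  // Canonical forms: realpath() resolves symlinks and ".." components
  char *RealRoot = realpath(xc.media_root_dir, NULL);
  char *RealDir  = realpath(m_CurrentDir, NULL);
  const char *Root = RealRoot ? RealRoot : xc.media_root_dir;
  int RootDirLen = strlen(Root);
  // Inside only if the root is a whole-component prefix of the directory
  bool Inside = RealRoot && RealDir &&
                !strncmp(RealDir, Root, RootDirLen) &&
                (RootDirLen == 1 || RealDir[RootDirLen] == '/' || RealDir[RootDirLen] == '\0');
  if (!Inside)
    LOGMSG("Not allowing browsing to %s (root is %s)", m_CurrentDir, xc.media_root_dir);
  free(m_CurrentDir);
  m_CurrentDir = strdup(Inside ? RealDir : Root);
  free(RealDir);
  free(RealRoot);
  // … unchanged: m_CurrentDir[0] != '/' fallback to VideoDirectory …
```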