
Replace /home with an empty directory.

That should hide other users' home directories on most setups.

Xavier G authored on 28/02/2016 15:41:29
Showing 1 changed files
... ...
@@ -48,6 +48,8 @@ if [ -x "$(which proot)" ]; then
48 48
 	work_dir="$(mktemp --directory "${work_dir_base}/$$.XXXXXXXX")" || \
49 49
 		exit_with_message 110 "Unable to create working directory, aborting."
50 50
 
51
+	# Directory to replace /home
52
+	slash_home_dir="${work_dir}/slash_home"
51 53
 	# Directory to replace $HOME
52 54
 	home_dir="${work_dir}/home"
53 55
 	# Directory to replace /tmp
... ...
@@ -59,7 +61,7 @@ if [ -x "$(which proot)" ]; then
59 61
 	# Directory for downloads
60 62
 	download_dir="${HOME}/Downloads"
61 63
 
62
-	for directory in {home,tmp,{up,down}load,dev}_dir; do
64
+	for directory in {{slash_,}home,tmp,{up,down}load,dev}_dir; do
63 65
 		mk_dir "${!directory}" 0700
64 66
 	done
65 67
 
... ...
@@ -73,6 +75,7 @@ if [ -x "$(which proot)" ]; then
73 75
 
74 76
 	# Leverage proot to make iceweasel believe that:
75 77
 	#   - the home directory is almost empty
78
+	#   - /home is either empty or contains only our home
76 79
 	#   - its configuration directory is still there
77 80
 	#   - its cache directory is still there
78 81
 	#   - its download directory is still there
... ...
@@ -93,6 +96,7 @@ if [ -x "$(which proot)" ]; then
93 96
 	#       FATAL: error reading `/proc/sys/crypto/fips_enabled' in libgcrypt: Not a directory
94 97
 	#   - /dev is present yet minimalist
95 98
 	proot \
99
+		-b "${slash_home_dir}:/home" \
96 100
 		-b "${home_dir}:${HOME}" \
97 101
 		-b "${HOME}/.mozilla/firefox:${HOME}/.mozilla/firefox" \
98 102
 		-b "${HOME}/.cache/mozilla/firefox:${HOME}/.cache/mozilla/firefox" \
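Review bot: The new `-b "${slash_home_dir}:/home"` binding only changes what path lookups return inside proot, so the comment added above the proot call should describe it as hiding the listing of /home rather than as access control. As far as I know, proot's ptrace-based path translation is not designed as a confinement boundary, so what actually protects other users' homes is still their filesystem permissions. I would word the added comment line as `#   - /home is empty, or holds only our home (listing hidden; access still governed by file permissions)`. The "contains only our home" case also seems to depend on proot resolving the more specific `${HOME}` binding inside the masked /home, which deserves a one-line comment next to the two `-b` lines, for example `# /home is masked first; the ${HOME} binding below re-exposes only our (replaced) home inside it`. The proot invocation continues past the visible lines, and any cleanup of `${work_dir}` is not shown here, so confirm it also covers `slash_home`.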