Update release version to v0.1.2.b.4; enhance index.html with additional supported platforms and security features in terminal.py to block dangerous commands and paths

2025-11-16 16:56:48 -05:00
parent 4e1f56802c
commit ee998cf77a
3 changed files with 131 additions and 11 deletions


@@ -13,7 +13,7 @@
<body>
<header class="hero" id="top">
<nav class="nav">
<div class="brand">ZDTT</div>
<div class="brand">By ZaneDev</div>
<button class="nav__toggle" type="button" aria-label="Toggle navigation" aria-expanded="false" aria-controls="primary-nav">
<span></span>
<span></span>
@@ -46,11 +46,11 @@
<div class="hero__metrics">
<div class="metric">
<p class="metric__label">Current release</p>
<p class="metric__value">v0.1.2.b.3</p>
<p class="metric__value">v0.1.2.b.4</p>
</div>
<div class="metric">
<p class="metric__label">Supported families</p>
<p class="metric__value">Debian · Arch</p>
<p class="metric__value">Debian · Arch · macOS</p>
</div>
<div class="metric">
<p class="metric__label">Extension slots</p>
@@ -69,11 +69,11 @@
<div class="feature-grid">
<article class="card">
<h3>Smart distro detection</h3>
<p>Installer inspects <code>/etc/os-release</code>, package managers, and user overrides to keep Debian and Arch flows tight.</p>
<p>Installer inspects <code>/etc/os-release</code>, package managers, and user overrides to keep Debian, macOS, and Arch flows tight.</p>
</article>
<article class="card">
<h3>Always-on status bar</h3>
<p>Background thread renders a live status bar with branding, time, and color themes you can swap on the fly.</p>
<p>Background thread renders a live status bar with branding, time, and color themes you can swap on the fly. (unavailable on macOS)</p>
</article>
<article class="card">
<h3>Plugin-friendly core</h3>
@@ -91,6 +91,10 @@
<h3>Graceful fallbacks</h3>
<p>Unsupported systems get friendly warnings, opt-in installs, and clear messaging so nothing breaks silently.</p>
</article>
<article class="card">
<h3>Open source</h3>
<p>ZDTT is open source and free to use. You can find the source code on <a href="https://github.com/ZaneThePython/ZDTT">GitHub</a>.</p>
</article>
</div>
</section>
@@ -106,7 +110,7 @@
</li>
<li>
<h3>Follow the prompts</h3>
<p>The script checks your distro, offers overrides, and handles both Debian (<code>apt</code>) and Arch (<code>pacman</code>) flows.</p>
<p>The script checks your distro, offers overrides, and handles both Debian (<code>apt</code>), Arch (<code>pacman</code>), and macOS (<code>brew</code>) flows.</p>
</li>
<li>
<h3>Launch <code>zdtt</code></h3>
@@ -114,7 +118,7 @@
</li>
</ol>
<div class="callout">
<p><strong>Heads up:</strong> ZDTT is Linux-only. Non-Debian/Arch installs can continue at your own risk—warnings are built in.</p>
<p><strong>Heads up:</strong> ZDTT is Linux-only (with eperimental macOS support). Non-Debian/Arch installs can continue at your own risk—warnings are built in.</p>
</div>
</section>
@@ -158,14 +162,15 @@ Traceback (most recent call last):
<p>ZDTT thrives on experimentation. Fork it, vibe with it, file PRs, or just send screenshots.</p>
</div>
<div class="community__actions">
<a class="btn primary" href="mailto:hello@zane.org">Say hello</a>
<a class="btn ghost" href="https://github.com/" target="_blank" rel="noreferrer">View source</a>
<a class="btn primary" href="mailto:contact@zane.org">Contact us if issues arise</a>
<a class="btn ghost" href="https://github.com/ZaneThePython/ZDTT" target="_blank" rel="noreferrer">View source</a>
</div>
</section>
</main>
<footer class="footer">
<p>© <span id="year"></span> ZDTT • Built for Debian + Arch explorers.</p>
<p>© <span id="year"></span> - ZBF LLC</p>
<p>ZDTT - ZaneDev's Terminal Tools</p>
<a href="#top">Back to top ↑</a>
</footer>


@@ -18,6 +18,7 @@ import json
import shlex
import signal
import ast
import re
from datetime import datetime
import urllib.request
import urllib.error
@@ -1804,7 +1805,47 @@ ZDTT Terminal v{self.version}
recursive = '-r' in flags or '-rf' in flags or '-fr' in flags
force = '-f' in flags or '-rf' in flags or '-fr' in flags
# Check for dangerous paths (root directories and critical system paths)
dangerous_paths = ['/', '/root', '/home', '/usr', '/bin', '/sbin', '/etc', '/var',
'/sys', '/proc', '/dev', '/boot', '/lib', '/lib64']
# Filter out dangerous paths
allowed_paths = []
for path in paths:
# Resolve to absolute path for checking
abs_path = os.path.abspath(path)
is_blocked = False
# Block removal of root directory or critical system directories
if abs_path in dangerous_paths or abs_path == '/':
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: Cannot remove '{path}' - this is a critical system directory!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}This operation has been blocked for your safety.{self.COLOR_RESET}")
is_blocked = True
else:
# Block removal of paths under critical system directories
for dangerous in dangerous_paths:
if abs_path.startswith(dangerous + '/'):
# Allow user directories under /home
if dangerous == '/home':
if not abs_path.startswith(os.path.expanduser('~')):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: Cannot remove '{path}' - this affects system directories!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}This operation has been blocked for your safety.{self.COLOR_RESET}")
is_blocked = True
break
else:
# Block any path under critical system directories
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: Cannot remove '{path}' - this is under a critical system directory!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}This operation has been blocked for your safety.{self.COLOR_RESET}")
is_blocked = True
break
if not is_blocked:
allowed_paths.append(path)
if not allowed_paths:
return
for path in allowed_paths:
try:
if os.path.islink(path):
os.unlink(path)
@@ -2074,8 +2115,69 @@ ZDTT Terminal v{self.version}
print("Unable to locate the ZDTT updater.")
print("Re-run the installer script or use 'zdtt update' from your shell if available.")
def _is_dangerous_command(self, command):
"""Check if a command is dangerous and should be blocked."""
if not command or not command.strip():
return False
# Normalize the command for checking (lowercase, remove extra spaces)
normalized = ' '.join(command.strip().lower().split())
# List of dangerous patterns to block
dangerous_patterns = [
'rm -rf /',
'rm -rf / ',
'rm -rf / --no-preserve-root',
'rm -rf /*',
'rm -rf / *',
'rm -rf /root',
'rm -rf /home',
'rm -rf /usr',
'rm -rf /bin',
'rm -rf /sbin',
'rm -rf /etc',
'rm -rf /var',
'rm -rf /sys',
'rm -rf /proc',
'rm -rf /dev',
'rm -rf /boot',
'rm -rf /lib',
'rm -rf /lib64',
'sudo rm -rf /',
'sudo rm -rf /*',
'sudo rm -rf / --no-preserve-root',
]
# Check for dangerous patterns
for pattern in dangerous_patterns:
if pattern in normalized:
return True
# Check for rm -rf followed by root directory patterns
# Pattern: rm -rf followed by / or /* or / with flags
if re.search(r'\brm\s+-rf\s+/(?:\s|$|/|\*)', normalized):
return True
# Check for chmod/chown on critical system directories
critical_dirs = ['/bin', '/sbin', '/usr', '/etc', '/root', '/sys', '/proc', '/dev']
for dir_path in critical_dirs:
if f'chmod' in normalized and dir_path in normalized:
# Allow chmod on user directories, but warn about system dirs
if dir_path in ['/root', '/bin', '/sbin', '/usr', '/etc', '/sys', '/proc', '/dev']:
if 'sudo' in normalized or 'su ' in normalized:
return True
return False
def _execute_system_command(self, command):
"""Execute a system command with real-time I/O streaming."""
# Check for dangerous commands first
if self._is_dangerous_command(command):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: This command is too dangerous to execute!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}The command '{command}' has been blocked for your safety.{self.COLOR_RESET}")
print(f"{self.COLOR_DIM}If you really need to run this command, use your system shell directly.{self.COLOR_RESET}")
return
# Temporarily disable status bar updates during command execution
status_bar_was_running = self.status_bar_thread and self.status_bar_thread.is_alive()
@@ -2172,11 +2274,24 @@ ZDTT Terminal v{self.version}
# Expand aliases first
command_line = self.expand_aliases(command_line)
# Check for dangerous commands before processing
if self._is_dangerous_command(command_line):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: This command is too dangerous to execute!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}The command has been blocked for your safety.{self.COLOR_RESET}")
print(f"{self.COLOR_DIM}If you really need to run this command, use your system shell directly.{self.COLOR_RESET}")
return
# Check for -oszdtt flag (Outside ZDTT) - still supported for explicit shell execution
if '-oszdtt' in command_line:
# Remove the -oszdtt flag and execute as system command
system_command = command_line.replace('-oszdtt', '').strip()
if system_command:
# Check again after removing flag
if self._is_dangerous_command(system_command):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: This command is too dangerous to execute!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}The command has been blocked for your safety.{self.COLOR_RESET}")
print(f"{self.COLOR_DIM}If you really need to run this command, use your system shell directly.{self.COLOR_RESET}")
return
self._execute_system_command(system_command)
else:
print("No command specified with -oszdtt flag")
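Review bot: In `_is_dangerous_command` the first denylist entry `'rm -rf /'` is tested with `in`, so it matches every `rm -rf` on an absolute path (a constructed example: `rm -rf /tmp/build`), which blocks ordinary cleanup and makes the remaining `rm` entries and the regex redundant. The check is also tied to one literal flag spelling on a lowercased string, so it is a guard against accidents rather than a security boundary, and the `SECURITY BLOCKED` message would be more accurate as a safety notice. I would tokenize with `shlex.split` (already imported) and decide on the resolved target, sharing one helper with the `rm` builtin hunk, where `os.path.abspath` does not follow symlinks and `startswith(os.path.expanduser('~'))` also accepts a sibling directory that merely shares the home prefix. The protected list has no macOS paths although this commit advertises macOS support. The sketch below covers simple command lines only; the enclosing class and the body of the `rm` builtin lie outside the hunks.

```python
    def _is_protected_path(self, path):
        """Return True if *path* resolves to, or lies under, a protected directory."""
        protected = ('/root', '/home', '/usr', '/bin', '/sbin', '/etc', '/var',
                     '/sys', '/proc', '/dev', '/boot', '/lib', '/lib64')
        # A trailing glob such as '/usr/*' targets the directory's contents.
        real = os.path.realpath(os.path.expanduser(path.rstrip('*') or path))
        home = os.path.realpath(os.path.expanduser('~'))
        if real == '/':
            return True
        if real != home and os.path.commonpath([real, home]) == home:
            return False  # strictly inside the caller's own home
        return any(os.path.commonpath([real, d]) == d for d in protected)

    def _is_dangerous_command(self, command):
        """Best-effort guard against accidental destructive commands (not a sandbox)."""
        if not command or not command.strip():
            return False
        try:
            tokens = shlex.split(command)
        except ValueError:
            tokens = command.split()  # unbalanced quotes: fall back to whitespace split
        if tokens and tokens[0] == 'sudo':
            tokens = tokens[1:]
        if tokens and os.path.basename(tokens[0]) == 'rm':
            flags = [t for t in tokens[1:] if t.startswith('-')]
            targets = [t for t in tokens[1:] if not t.startswith('-')]
            recursive = any(
                f == '--recursive' or (not f.startswith('--') and 'r' in f.lower())
                for f in flags
            )
            if recursive and any(self._is_protected_path(t) for t in targets):
                return True
        # … unchanged: normalized = ... and the chmod check on critical directories …
        return False
```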


@@ -1 +1 @@
0.1.2.b.3
0.1.2.b.4