Update release version to v0.1.2.b.4; enhance index.html with additional supported platforms and security features in terminal.py to block dangerous commands and paths

2025-11-16 16:56:48 -05:00
parent 4e1f56802c
commit ee998cf77a
3 changed files with 131 additions and 11 deletions


@@ -13,7 +13,7 @@
<body> <body>
<header class="hero" id="top"> <header class="hero" id="top">
<nav class="nav"> <nav class="nav">
<div class="brand">ZDTT</div> <div class="brand">By ZaneDev</div>
<button class="nav__toggle" type="button" aria-label="Toggle navigation" aria-expanded="false" aria-controls="primary-nav"> <button class="nav__toggle" type="button" aria-label="Toggle navigation" aria-expanded="false" aria-controls="primary-nav">
<span></span> <span></span>
<span></span> <span></span>
@@ -46,11 +46,11 @@
<div class="hero__metrics"> <div class="hero__metrics">
<div class="metric"> <div class="metric">
<p class="metric__label">Current release</p> <p class="metric__label">Current release</p>
<p class="metric__value">v0.1.2.b.3</p> <p class="metric__value">v0.1.2.b.4</p>
</div> </div>
<div class="metric"> <div class="metric">
<p class="metric__label">Supported families</p> <p class="metric__label">Supported families</p>
<p class="metric__value">Debian · Arch</p> <p class="metric__value">Debian · Arch · macOS</p>
</div> </div>
<div class="metric"> <div class="metric">
<p class="metric__label">Extension slots</p> <p class="metric__label">Extension slots</p>
@@ -69,11 +69,11 @@
<div class="feature-grid"> <div class="feature-grid">
<article class="card"> <article class="card">
<h3>Smart distro detection</h3> <h3>Smart distro detection</h3>
<p>Installer inspects <code>/etc/os-release</code>, package managers, and user overrides to keep Debian and Arch flows tight.</p> <p>Installer inspects <code>/etc/os-release</code>, package managers, and user overrides to keep Debian, macOS, and Arch flows tight.</p>
</article> </article>
<article class="card"> <article class="card">
<h3>Always-on status bar</h3> <h3>Always-on status bar</h3>
<p>Background thread renders a live status bar with branding, time, and color themes you can swap on the fly.</p> <p>Background thread renders a live status bar with branding, time, and color themes you can swap on the fly. (unavailable on macOS)</p>
</article> </article>
<article class="card"> <article class="card">
<h3>Plugin-friendly core</h3> <h3>Plugin-friendly core</h3>
@@ -91,6 +91,10 @@
<h3>Graceful fallbacks</h3> <h3>Graceful fallbacks</h3>
<p>Unsupported systems get friendly warnings, opt-in installs, and clear messaging so nothing breaks silently.</p> <p>Unsupported systems get friendly warnings, opt-in installs, and clear messaging so nothing breaks silently.</p>
</article> </article>
<article class="card">
<h3>Open source</h3>
<p>ZDTT is open source and free to use. You can find the source code on <a href="https://github.com/ZaneThePython/ZDTT">GitHub</a>.</p>
</article>
</div> </div>
</section> </section>
@@ -106,7 +110,7 @@
</li> </li>
<li> <li>
<h3>Follow the prompts</h3> <h3>Follow the prompts</h3>
<p>The script checks your distro, offers overrides, and handles both Debian (<code>apt</code>) and Arch (<code>pacman</code>) flows.</p> <p>The script checks your distro, offers overrides, and handles both Debian (<code>apt</code>), Arch (<code>pacman</code>), and macOS (<code>brew</code>) flows.</p>
</li> </li>
<li> <li>
<h3>Launch <code>zdtt</code></h3> <h3>Launch <code>zdtt</code></h3>
@@ -114,7 +118,7 @@
</li> </li>
</ol> </ol>
<div class="callout"> <div class="callout">
<p><strong>Heads up:</strong> ZDTT is Linux-only. Non-Debian/Arch installs can continue at your own risk—warnings are built in.</p> <p><strong>Heads up:</strong> ZDTT is Linux-only (with eperimental macOS support). Non-Debian/Arch installs can continue at your own risk—warnings are built in.</p>
</div> </div>
</section> </section>
@@ -158,14 +162,15 @@ Traceback (most recent call last):
<p>ZDTT thrives on experimentation. Fork it, vibe with it, file PRs, or just send screenshots.</p> <p>ZDTT thrives on experimentation. Fork it, vibe with it, file PRs, or just send screenshots.</p>
</div> </div>
<div class="community__actions"> <div class="community__actions">
<a class="btn primary" href="mailto:hello@zane.org">Say hello</a> <a class="btn primary" href="mailto:contact@zane.org">Contact us if issues arise</a>
<a class="btn ghost" href="https://github.com/" target="_blank" rel="noreferrer">View source</a> <a class="btn ghost" href="https://github.com/ZaneThePython/ZDTT" target="_blank" rel="noreferrer">View source</a>
</div> </div>
</section> </section>
</main> </main>
<footer class="footer"> <footer class="footer">
<p>© <span id="year"></span> ZDTT • Built for Debian + Arch explorers.</p> <p>© <span id="year"></span> - ZBF LLC</p>
<p>ZDTT - ZaneDev's Terminal Tools</p>
<a href="#top">Back to top ↑</a> <a href="#top">Back to top ↑</a>
</footer> </footer>


@@ -18,6 +18,7 @@ import json
import shlex import shlex
import signal import signal
import ast import ast
import re
from datetime import datetime from datetime import datetime
import urllib.request import urllib.request
import urllib.error import urllib.error
@@ -1804,7 +1805,47 @@ ZDTT Terminal v{self.version}
recursive = '-r' in flags or '-rf' in flags or '-fr' in flags recursive = '-r' in flags or '-rf' in flags or '-fr' in flags
force = '-f' in flags or '-rf' in flags or '-fr' in flags force = '-f' in flags or '-rf' in flags or '-fr' in flags
# Check for dangerous paths (root directories and critical system paths)
dangerous_paths = ['/', '/root', '/home', '/usr', '/bin', '/sbin', '/etc', '/var',
'/sys', '/proc', '/dev', '/boot', '/lib', '/lib64']
# Filter out dangerous paths
allowed_paths = []
for path in paths: for path in paths:
# Resolve to absolute path for checking
abs_path = os.path.abspath(path)
is_blocked = False
# Block removal of root directory or critical system directories
if abs_path in dangerous_paths or abs_path == '/':
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: Cannot remove '{path}' - this is a critical system directory!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}This operation has been blocked for your safety.{self.COLOR_RESET}")
is_blocked = True
else:
# Block removal of paths under critical system directories
for dangerous in dangerous_paths:
if abs_path.startswith(dangerous + '/'):
# Allow user directories under /home
if dangerous == '/home':
if not abs_path.startswith(os.path.expanduser('~')):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: Cannot remove '{path}' - this affects system directories!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}This operation has been blocked for your safety.{self.COLOR_RESET}")
is_blocked = True
break
else:
# Block any path under critical system directories
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: Cannot remove '{path}' - this is under a critical system directory!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}This operation has been blocked for your safety.{self.COLOR_RESET}")
is_blocked = True
break
if not is_blocked:
allowed_paths.append(path)
if not allowed_paths:
return
for path in allowed_paths:
try: try:
if os.path.islink(path): if os.path.islink(path):
os.unlink(path) os.unlink(path)
@@ -2074,8 +2115,69 @@ ZDTT Terminal v{self.version}
print("Unable to locate the ZDTT updater.") print("Unable to locate the ZDTT updater.")
print("Re-run the installer script or use 'zdtt update' from your shell if available.") print("Re-run the installer script or use 'zdtt update' from your shell if available.")
def _is_dangerous_command(self, command):
"""Check if a command is dangerous and should be blocked."""
if not command or not command.strip():
return False
# Normalize the command for checking (lowercase, remove extra spaces)
normalized = ' '.join(command.strip().lower().split())
# List of dangerous patterns to block
dangerous_patterns = [
'rm -rf /',
'rm -rf / ',
'rm -rf / --no-preserve-root',
'rm -rf /*',
'rm -rf / *',
'rm -rf /root',
'rm -rf /home',
'rm -rf /usr',
'rm -rf /bin',
'rm -rf /sbin',
'rm -rf /etc',
'rm -rf /var',
'rm -rf /sys',
'rm -rf /proc',
'rm -rf /dev',
'rm -rf /boot',
'rm -rf /lib',
'rm -rf /lib64',
'sudo rm -rf /',
'sudo rm -rf /*',
'sudo rm -rf / --no-preserve-root',
]
# Check for dangerous patterns
for pattern in dangerous_patterns:
if pattern in normalized:
return True
# Check for rm -rf followed by root directory patterns
# Pattern: rm -rf followed by / or /* or / with flags
if re.search(r'\brm\s+-rf\s+/(?:\s|$|/|\*)', normalized):
return True
# Check for chmod/chown on critical system directories
critical_dirs = ['/bin', '/sbin', '/usr', '/etc', '/root', '/sys', '/proc', '/dev']
for dir_path in critical_dirs:
if f'chmod' in normalized and dir_path in normalized:
# Allow chmod on user directories, but warn about system dirs
if dir_path in ['/root', '/bin', '/sbin', '/usr', '/etc', '/sys', '/proc', '/dev']:
if 'sudo' in normalized or 'su ' in normalized:
return True
return False
def _execute_system_command(self, command): def _execute_system_command(self, command):
"""Execute a system command with real-time I/O streaming.""" """Execute a system command with real-time I/O streaming."""
# Check for dangerous commands first
if self._is_dangerous_command(command):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: This command is too dangerous to execute!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}The command '{command}' has been blocked for your safety.{self.COLOR_RESET}")
print(f"{self.COLOR_DIM}If you really need to run this command, use your system shell directly.{self.COLOR_RESET}")
return
# Temporarily disable status bar updates during command execution # Temporarily disable status bar updates during command execution
status_bar_was_running = self.status_bar_thread and self.status_bar_thread.is_alive() status_bar_was_running = self.status_bar_thread and self.status_bar_thread.is_alive()
@@ -2172,11 +2274,24 @@ ZDTT Terminal v{self.version}
# Expand aliases first # Expand aliases first
command_line = self.expand_aliases(command_line) command_line = self.expand_aliases(command_line)
# Check for dangerous commands before processing
if self._is_dangerous_command(command_line):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: This command is too dangerous to execute!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}The command has been blocked for your safety.{self.COLOR_RESET}")
print(f"{self.COLOR_DIM}If you really need to run this command, use your system shell directly.{self.COLOR_RESET}")
return
# Check for -oszdtt flag (Outside ZDTT) - still supported for explicit shell execution # Check for -oszdtt flag (Outside ZDTT) - still supported for explicit shell execution
if '-oszdtt' in command_line: if '-oszdtt' in command_line:
# Remove the -oszdtt flag and execute as system command # Remove the -oszdtt flag and execute as system command
system_command = command_line.replace('-oszdtt', '').strip() system_command = command_line.replace('-oszdtt', '').strip()
if system_command: if system_command:
# Check again after removing flag
if self._is_dangerous_command(system_command):
print(f"{self.COLOR_ERROR}🚨 SECURITY BLOCKED: This command is too dangerous to execute!{self.COLOR_RESET}")
print(f"{self.COLOR_WARNING}The command has been blocked for your safety.{self.COLOR_RESET}")
print(f"{self.COLOR_DIM}If you really need to run this command, use your system shell directly.{self.COLOR_RESET}")
return
self._execute_system_command(system_command) self._execute_system_command(system_command)
else: else:
print("No command specified with -oszdtt flag") print("No command specified with -oszdtt flag")
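Review bot: `_is_dangerous_command` matches substrings of the lowercased command text, so it disagrees with the built-in `rm` check earlier in this file section: the entry `'rm -rf /home'` also matches a delete inside the user's own home directory, which the built-in check deliberately allows, and only the literal `-rf` spelling is covered although the flag parsing above also recognises `-r` and `-fr`. Because the text is presumably handed to the system shell afterwards, this filter can only guard against typos, so I would state that in the docstring, e.g. `"""Best-effort guard against accidental destructive commands; not a security boundary."""`, and tokenise with the already imported `shlex` so path arguments are judged by the same protected-directory list as the built-in. In the built-in check, `os.path.abspath(path)` normalises the string but does not resolve symlinks, so a path whose parent directory is a symlink into a protected directory passes; resolve the parent with `os.path.realpath(os.path.dirname(abs_path))`, rejoin the final component and compare that (the last component stays unresolved because a symlink argument is unlinked, not followed). The home exemption should test `abs_path.startswith(os.path.expanduser('~') + os.sep)` so that a sibling directory sharing the prefix is not treated as the user's home. The functions around the first and last hunks start and end outside the visible lines, so this is based only on what the hunks show.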


@@ -1 +1 @@
0.1.2.b.3 0.1.2.b.4