web-terminal-server
Professional web-based terminal server with persistent sessions, live sharing, smart port detection, Cloudflare tunnels, and full CLI support
// Security configuration for terminal server
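// Security levels this module has configuration for, most restrictive first.
const KNOWN_SECURITY_LEVELS = ['restricted', 'limited', 'full'];

/**
 * Map a requested security level onto one of the known levels.
 *
 * An unrecognised value (a typo or wrong case in TERMINAL_SECURITY, or a key
 * such as 'constructor' that only exists on Object.prototype) falls back to
 * 'restricted', so a misconfiguration fails closed instead of ending up with
 * the filesystem root as starting directory or a TypeError in the command
 * check.
 *
 * @param {*} requested - Value read from `securityLevel`.
 * @returns {string} One of 'restricted', 'limited', 'full'.
 */
function resolveSecurityLevel(requested) {
  return KNOWN_SECURITY_LEVELS.includes(requested) ? requested : 'restricted';
}

module.exports = {
  // Security levels: 'restricted', 'limited', 'full'.
  // NOTE(review): when TERMINAL_SECURITY is unset the most permissive level is
  // used. Kept for backward compatibility; deployments that expose the
  // terminal beyond a trusted operator should set TERMINAL_SECURITY explicitly.
  securityLevel: process.env.TERMINAL_SECURITY || 'full',

  // Allowed starting directories by security level.
  // process.env.HOME is read once at load time and is undefined when the
  // variable is not set in the server's environment.
  allowedStartingDirs: {
    restricted: [process.env.HOME], // Only home directory
    limited: [process.env.HOME, '/tmp', '/var/tmp'], // Home + temp dirs
    full: ['/'] // Full system access
  },

  // Blocked commands by security level (matched as substrings, see
  // isCommandAllowed).
  blockedCommands: {
    restricted: ['sudo', 'su', 'rm -rf', 'chmod 777', 'chown'],
    limited: ['sudo', 'su'],
    full: [] // No restrictions
  },

  // Environment variable allow-lists; null means "no filtering".
  allowedEnvVars: {
    restricted: ['PATH', 'HOME', 'USER', 'TERM', 'COLORTERM'],
    limited: ['PATH', 'HOME', 'USER', 'TERM', 'COLORTERM', 'PWD', 'OLDPWD'],
    full: null // All environment variables
  },

  // File system access flags per level. These are declarative only: nothing
  // in this module enforces them, so enforcement has to live in the consumer.
  fileSystemAccess: {
    restricted: {
      canAccessRoot: false,
      canAccessSystem: false,
      canModifySystem: false
    },
    limited: {
      canAccessRoot: true,
      canAccessSystem: false,
      canModifySystem: false
    },
    full: {
      canAccessRoot: true,
      canAccessSystem: true,
      canModifySystem: true
    }
  },

  /**
   * Collect the settings that apply to the current security level.
   *
   * @returns {{level: string, startingDirs: string[], blockedCommands: string[],
   *   envVars: (string[]|null), fileAccess: Object}} Settings for the resolved
   *   level; an unrecognised `securityLevel` resolves to 'restricted'.
   */
  getCurrentConfig() {
    const level = resolveSecurityLevel(this.securityLevel);
    return {
      level,
      startingDirs: this.allowedStartingDirs[level],
      blockedCommands: this.blockedCommands[level],
      envVars: this.allowedEnvVars[level],
      fileAccess: this.fileSystemAccess[level]
    };
  },

  /**
   * Check a command line against the denylist of the current security level.
   *
   * The match is a case-insensitive substring test. It is a convenience
   * filter, not a security boundary: it also fires inside unrelated words
   * (the 'su' entry matches any command containing those two letters) and it
   * cannot see what a shell ultimately executes. Real containment has to come
   * from the operating system, e.g. running the terminal as an unprivileged
   * user inside a sandbox or container.
   *
   * @param {string} command - Command line as typed by the user.
   * @returns {boolean} true when no blocked entry occurs in the command;
   *   false for a match or for a non-string argument.
   */
  isCommandAllowed(command) {
    // Fail closed on anything that is not a string instead of throwing.
    if (typeof command !== 'string') {
      return false;
    }
    const blocked = this.blockedCommands[resolveSecurityLevel(this.securityLevel)];
    // Collapse whitespace runs so multi-word entries such as 'rm -rf' are
    // compared against single-spaced text.
    const normalized = command.toLowerCase().replace(/\s+/g, ' ');
    return !blocked.some((entry) => normalized.includes(entry.toLowerCase()));
  },

  /**
   * Pick the directory a new terminal session starts in.
   *
   * @returns {(string|undefined)} process.env.HOME for 'restricted' and
   *   'limited' (undefined when HOME is not set), the platform root for 'full'.
   */
  getStartingDirectory() {
    switch (resolveSecurityLevel(this.securityLevel)) {
      case 'restricted':
      case 'limited':
        return process.env.HOME;
      case 'full':
      default:
        return process.platform === 'win32' ? 'C:\\' : '/';
    }
  }
};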