event script directory check implemented

fix logging in CryptoBoxWebserver (introducing another problem)
lars 2006-11-24 11:01:55 +00:00
parent 1fa160250b
commit 8511ff9845
2 changed files with 31 additions and 17 deletions


@ -28,6 +28,7 @@ allowedProgs = {
DEV_TYPES = { "pipe":1, "char":2, "dir":4, "block":6, "file":8, "link":10, "socket":12} DEV_TYPES = { "pipe":1, "char":2, "dir":4, "block":6, "file":8, "link":10, "socket":12}
EVENT_MARKER = '_event_marker_'
def checkIfFileIsSafe(fname): def checkIfFileIsSafe(fname):
@ -62,6 +63,14 @@ def checkIfPluginIsValid(plugin):
return False return False
def checkIfEventScriptIsValid(plugin):
event_dir = os.path.dirname(plugin)
if os.path.exists(os.path.join(event_dir,EVENT_MARKER)):
return True
else:
return False
def call_plugin(args): def call_plugin(args):
"""check if the plugin may be called - and do it finally ...""" """check if the plugin may be called - and do it finally ..."""
plugin = os.path.abspath(args[0]) plugin = os.path.abspath(args[0])
@ -83,17 +92,20 @@ def call_plugin(args):
return proc.returncode == 0 return proc.returncode == 0
def call_hook(args): def call_event(args):
"""check if the hook script may be called - and do it finally ...""" """check if the event script may be called - and do it finally ..."""
hook = os.path.abspath(args[0]) event = os.path.abspath(args[0])
del args[0] del args[0]
## check existence and if it is executable ## check existence and if it is executable
if not os.access(hook, os.X_OK): if not os.access(event, os.X_OK):
raise Exception, "could not find executable hook script (%s)" % hook raise Exception, "could not find executable event script (%s)" % event
## check if the hook (and its parents) are only writeable for root ## check if the script is valid (the marker file must be in the same directory)
if not checkIfFileIsSafe(hook): if not checkIfEventScriptIsValid(plugin):
raise Exception, "the hook (%s) is not safe - check its (and its parents') permissions" % hook raise Exception, "the event script (%s) does not reside in a directory with the marker file (%s) - this is not allowed due to abuse prevention" % (plugin,EVENT_MARKER)
args.insert(0,hook) ## check if the event (and its parents) are only writeable for root
if not checkIfFileIsSafe(event):
raise Exception, "the event (%s) is not safe - check its (and its parents') permissions" % event
args.insert(0,event)
proc = subprocess.Popen( proc = subprocess.Popen(
shell = False, shell = False,
args = args) args = args)
@ -374,12 +386,12 @@ if __name__ == "__main__":
else: else:
sys.exit(1) sys.exit(1)
if args[0].lower() == "hook": if args[0].lower() == "event":
del args[0] del args[0]
try: try:
isOK = call_hook(args) isOK = call_event(args)
except Exception, errMsg: except Exception, errMsg:
sys.stderr.write("Execution of hook script failed: %s\n" % errMsg) sys.stderr.write("Execution of event script failed: %s\n" % errMsg)
sys.exit(100) sys.exit(100)
if isOK: if isOK:
sys.exit(0) sys.exit(0)


@ -1,4 +1,4 @@
#!/usr/bin/python2.4 #!/usr/bin/env python2.4
# #
# The daemon script to run the CryptoBox webserver. # The daemon script to run the CryptoBox webserver.
# #
@ -158,14 +158,16 @@ def parseOptions():
if __name__ == "__main__": if __name__ == "__main__":
## process arguments ## process arguments
options = parseOptions() options = parseOptions()
## initialize the webserver class (before forking to get some error messages)
cbw = CryptoBoxWebserver(options)
## run the webserver as a daemon process ## run the webserver as a daemon process
if options.background: fork_to_background() if options.background: fork_to_background()
## write pid file
write_pid_file(options.pidfile)
## close open files to allow background execution ## close open files to allow background execution
if options.background: close_open_files() if options.background: close_open_files()
## write pid file
write_pid_file(options.pidfile)
## TODO: if we close the open files _after_ initialization, then we also close
## the log out - we have to figure something out here ...
## initialize the webserver class (before forking to get some error messages)
cbw = CryptoBoxWebserver(options)
## start the webserver ## start the webserver
try: try:
cbw.start() cbw.start()
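Review bot: `CryptoBoxWebserver(options)` now runs after `fork_to_background()` and `close_open_files()`, but the comment moved with it still says `(before forking to get some error messages)`, which is the opposite of what the code does. The constructor call also sits outside the `try:` that the hunk shows around `cbw.start()`, so in background mode a failure during initialization would presumably have no open stream to report to and would leave behind the pid file already written by `write_pid_file(options.pidfile)`. I would reword the comment to `## initialize the webserver class (after daemonizing, so its log files are not closed again)` and either move the constructor into the `try:` or remove the pid file on failure. The `try:` block continues outside the hunk.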