Timestamp:
Apr 6, 2008, 8:08:04 PM (17 years ago)
Author:
broder
Message:

Validate the locker name before using it for anything

Location:
trunk/packages/sipb-xen-www/code
Files:
2 edited

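--- a/trunk/packages/sipb-xen-www/code/getafsgroups.py
+++ b/trunk/packages/sipb-xen-www/code/getafsgroups.py
@@ -2,4 +2,5 @@
 import pprint
 import subprocess
+from webcommon import InvalidInput
 
 # import ldap
@@ -35,4 +36,9 @@
     return [line.strip() for line in p.stdout.readlines()[1:]]
 
+def getLockerPath(locker):
+    if '/' in locker or locker in ['.', '..']:
+        raise InvalidInput('owner', locker, 'Locker name is invalid.')
+    return '/mit/' + locker
+
 def checkAfsGroup(user, group, cell):
     """
@@ -42,5 +48,5 @@
 
 def getCell(locker):
-    p = subprocess.Popen(["fs", "whichcell", "/mit/" + locker],
+    p = subprocess.Popen(["fs", "whichcell", getLockerPath(locker)],
                          stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     if p.wait():
@@ -49,5 +55,5 @@
 
 def getLockerAcl(locker):
-    p = subprocess.Popen(["fs", "listacl", "/mit/" + locker],
+    p = subprocess.Popen(["fs", "listacl", getLockerPath(locker)],
                          stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     if p.wait():
@@ -59,5 +65,5 @@
         if fields[0] == 'Negative':
             break
-        if 'rlidwka' in fields[1]:
+        if 'a' in fields[1]:
             values.append(fields[0])
     return values
@@ -80,5 +86,5 @@
                                 checkAfsGroup(user, entry, cell)):
             return False
-    return "You don't have admin bits on /mit/" + locker
+    return "You don't have admin bits on " + getLockerPath(locker)
 
 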
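Review bot: The check in the new `getLockerPath` is a denylist, and an empty name passes it: `''` contains no `/` and is neither `.` nor `..`, so the function returns `/mit/` and `fs whichcell` / `fs listacl` would then be run on that directory rather than on a locker. Rejecting empty input closes that case, `if not locker or '/' in locker or locker in ['.', '..']:`; an allowlist of the characters a locker name may contain would be tighter still, if that set is known. The function also has no docstring; one line stating that it raises `InvalidInput` for names that could escape `/mit/` would tell callers what it guarantees. Separately, the ACL test in `getLockerAcl` is relaxed from `'rlidwka'` to `'a'`, which the commit message does not mention; a comment such as `# the administer right alone counts as locker admin` would record that the change is deliberate.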
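--- a/trunk/packages/sipb-xen-www/code/main.py
+++ b/trunk/packages/sipb-xen-www/code/main.py
@@ -449,5 +449,5 @@
 group.""",
                         quotas="""
-Quotas are determined on a per-locker basis.  Each quota may have a
+Quotas are determined on a per-locker basis.  Each locker may have a
 maximum of 512 megabytes of active ram, 50 gigabytes of disk, and 4
 active machines.""",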