зеркало из https://github.com/mozilla/pjs.git
bug 155861 - showdependancygraph.cgi fails taint check with local dot
installation r=gerv, myk
This commit is contained in:
bbaetz%student.usyd.edu.au
Родитель
579bdb287d
Коммит
a84817d172
|
|
@ -640,8 +640,8 @@ $::ENV{'PATH'} = $origPath;
|
|||
unless (-d 'data') {
|
||||
print "Creating data directory ...\n";
|
||||
# permissions for non-webservergroup are fixed later on
|
||||
mkdir 'data', 0770;
|
||||
mkdir 'data/mimedump-tmp', 01777;
|
||||
mkdir 'data', 0770;
|
||||
mkdir 'data/mimedump-tmp', 01777;
|
||||
open FILE, '>>data/comments'; close FILE;
|
||||
open FILE, '>>data/nomail'; close FILE;
|
||||
open FILE, '>>data/mail'; close FILE;
|
||||
|
|
@ -726,7 +726,16 @@ unless (-d 'graphs') {
|
|||
|
||||
close(IN);
|
||||
close(OUT);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
unless (-d 'data/mining') {
|
||||
mkdir 'data/mining', 0700;
|
||||
}
|
||||
|
||||
unless (-d 'data/webdot') {
|
||||
# perms/ownership are fixed up later
|
||||
mkdir 'data/webdot', 0700;
|
||||
}
|
||||
|
||||
if ($my_create_htaccess) {
|
||||
|
|
@ -771,10 +780,6 @@ END
|
|||
chmod $fileperm, "template/.htaccess";
|
||||
}
|
||||
if (!-e "data/webdot/.htaccess") {
|
||||
if (!-d "data/webdot") {
|
||||
mkdir "data/webdot", $dirperm;
|
||||
chmod $dirperm, "data/webdot"; # the perms on mkdir don't seem to apply for some reason...
|
||||
}
|
||||
print "Creating data/webdot/.htaccess...\n";
|
||||
open HTACCESS, ">data/webdot/.htaccess";
|
||||
print HTACCESS <<'END';
|
||||
|
|
@ -1073,7 +1078,10 @@ if ($my_webservergroup) {
|
|||
# userid.
|
||||
fixPerms('.htaccess', $<, $webservergid, 027); # glob('*') doesn't catch dotfiles
|
||||
fixPerms('data/.htaccess', $<, $webservergid, 027);
|
||||
fixPerms('data/duplicates', $<, $webservergid, 027, 1);
|
||||
fixPerms('data/mining', $<, $webservergid, 027, 1);
|
||||
fixPerms('data/template', $<, $webservergid, 007, 1); # webserver will write to these
|
||||
fixPerms('data/webdot', $<, $webservergid, 007, 1);
|
||||
fixPerms('data/webdot/.htaccess', $<, $webservergid, 027);
|
||||
fixPerms('data/params', $<, $webservergid, 017);
|
||||
fixPerms('*', $<, $webservergid, 027);
|
||||
|
|
@ -1093,7 +1101,11 @@ if ($my_webservergroup) {
|
|||
my $gid = (split " ", $()[0];
|
||||
fixPerms('.htaccess', $<, $gid, 022); # glob('*') doesn't catch dotfiles
|
||||
fixPerms('data/.htaccess', $<, $gid, 022);
|
||||
fixPerms('data/duplicates', $<, $gid, 022, 1);
|
||||
fixPerms('data/mining', $<, $gid, 022, 1);
|
||||
fixPerms('data/template', $<, $gid, 000, 1); # webserver will write to these
|
||||
fixPerms('data/webdot', $<, $gid, 000, 1);
|
||||
chmod 01777, 'data/webdot';
|
||||
fixPerms('data/webdot/.htaccess', $<, $gid, 022);
|
||||
fixPerms('data/params', $<, $gid, 011);
|
||||
fixPerms('*', $<, $gid, 022);
|
||||
|
|
|
|||
|
|
@ -75,8 +75,6 @@ if (!defined($::FORM{'id'}) && !defined($::FORM{'doall'})) {
|
|||
exit;
|
||||
}
|
||||
|
||||
mkdir("data/webdot", 0777);
|
||||
|
||||
my $filename = "data/webdot/$$.dot";
|
||||
my $urlbase = Param('urlbase');
|
||||
|
||||
|
|
@ -189,10 +187,13 @@ if ($webdotbase =~ /^https?:/) {
|
|||
|
||||
# Cleanup any old .dot files created from previous runs.
|
||||
my $since = time() - 24 * 60 * 60;
|
||||
foreach my $f (glob("data/webdot/*.dot
|
||||
data/webdot/*.png
|
||||
data/webdot/*.map"))
|
||||
# Can't use glob, since even calling that fails taint checks for perl < 5.6
|
||||
opendir(DIR, "data/webdot/");
|
||||
my @files = grep { /\.dot$|\.png$|\.map$/ && -f "data/webdot/$_" } readdir(DIR);
|
||||
closedir DIR;
|
||||
foreach my $f (@files)
|
||||
{
|
||||
$f = "data/webdot/$f";
|
||||
# Here we are deleting all old files. All entries are from the
|
||||
# data/webdot/ directory. Since we're deleting the file (not following
|
||||
# symlinks), this can't escape to delete anything it shouldn't
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче