From 4a6b031478485fa0885f5eef6a9e1c636568109d Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk
Date: Jan 15 2019 22:42:24 +0000
Subject: Check cache file permissions before using

Signed-off-by: Patrick Uiterwijk
---
diff --git a/alt.fedoraproject.org/build/fedimg_vars.py b/alt.fedoraproject.org/build/fedimg_vars.py
index 8a66ce7..12734cc 100755
--- a/alt.fedoraproject.org/build/fedimg_vars.py
+++ b/alt.fedoraproject.org/build/fedimg_vars.py
@@ -19,7 +19,7 @@ import logging
 import shelve
 import os
-from fedimg_vars_lib import get_messages, sanity_check, mocked_fedimg
+from fedimg_vars_lib import get_messages, sanity_check, mocked_fedimg, check_permissions
 logging.basicConfig(level=logging.INFO)
@@ -30,7 +30,9 @@ cachefile = '/tmp/fedora_websites_fedimg_alt_%s.cache' # We cache this guy on disk for 500s
 def collect(release):
- shelf = shelve.open(cachefile % (sha1(str(release)).hexdigest()))
+ filename = cachefile % (sha1(str(release)).hexdigesT())
+ shelf = shelve.open(filename)
+ check_permissions(filename=filename)
 if shelf.get('timestamp') and shelf.get('timestamp') > (datetime.utcnow() - timedelta(hours=1)):
 log.info('Retrieving release data from shelf')
 toreturn = shelf['collected']
diff --git a/getfedora.org/build/fedimg_vars.py b/getfedora.org/build/fedimg_vars.py
index 24707dc..bfe92f6 100755
--- a/getfedora.org/build/fedimg_vars.py
+++ b/getfedora.org/build/fedimg_vars.py
@@ -19,7 +19,7 @@ import logging
 import shelve
 import os
-from fedimg_vars_lib import get_messages, sanity_check, mocked_fedimg
+from fedimg_vars_lib import get_messages, sanity_check, mocked_fedimg, check_permissions
 logging.basicConfig(level=logging.INFO)
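Review bot: In alt.fedoraproject.org/build/fedimg_vars.py the added line ends in `.hexdigesT()`, which is not a method of a hashlib digest object, so `collect()` raises AttributeError before the cache is opened; it should read `filename = cachefile % (sha1(str(release)).hexdigest())`, as the getfedora.org copy of this hunk does. In both copies `shelve.open(filename)` runs before `check_permissions(filename=filename)`, so a file at a predictable path under /tmp has already been opened (or created) by the dbm backend before its owner and mode are checked, and shelve unpickles whatever it later reads from it. Depending on the dbm backend the on-disk name may also differ from `filename`, in which case `os.lstat` would not be inspecting the file that was opened. Keeping the shelf in a directory that only this user can write would avoid relying on a check made after the open. The body of `collect()` continues outside the hunk.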
@@ -30,7 +30,9 @@ cachefile = '/tmp/fedora_websites_fedimg_getfedora_%s.cache' # We cache this guy on disk for 500s
 def collect(release):
- shelf = shelve.open(cachefile % (sha1(str(release)).hexdigest()))
+ filename = cachefile % (sha1(str(release)).hexdigest())
+ shelf = shelve.open(filename)
+ check_permissions(filename=filename)
 if shelf.get('timestamp') and shelf.get('timestamp') > (datetime.utcnow() - timedelta(hours=1)):
 log.info('Retrieving release data from shelf')
 toreturn = shelf['collected']
diff --git a/tools/fedimg_vars_lib.py b/tools/fedimg_vars_lib.py
index 20327c8..a11622c 100755
--- a/tools/fedimg_vars_lib.py
+++ b/tools/fedimg_vars_lib.py
@@ -17,6 +17,7 @@ from datetime import datetime, timedelta
 import functools
 import logging
 import json
+import stat
 import os
 import requests
@@ -66,10 +67,32 @@ def filter_messages(messages, target):
 yield message
+def check_permissions(fd=None, filename=None):
+ """ Make sure we are the only ones with access to this file. """
+ if fd is not None:
+ info = os.fstat(fd)
+ elif filename is not None:
+ info = os.lstat(filename)
+ else:
+ raise Exception("check_permissions called without args")
+ if stat.S_ISLNK(info.st_mode):
+ raise Exception("Cache is a symlink")
+ if not stat.S_ISREG(info.st_mode):
+ raise Exception("Cache is not a regular file")
+ if info.st_uid != os.getuid():
+ raise Exception("Cache is not owned by us")
+ if info.st_mode & stat.S_IWGRP:
+ raise Exception("Group has write permission to cache")
+ if info.st_mode & stat.S_IWOTH:
+ raise Exception("Other has write permission to cache")
+
+
 def get_messages(target):
 """ Filter the messages on target. """
+ check_permissions(filename=cache_file)
 try:
 with open(cache_file, 'r') as cf:
+ check_permissions(fd=cf.fileno())
 cache = json.load(cf)
 cachetime = datetime.strptime(cache['timestamp'], dateformat)
 if cachetime > (datetime.utcnow() - timedelta(days=1)):
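Review bot: In tools/fedimg_vars_lib.py, `check_permissions(filename=cache_file)` is placed before the `try:` in `get_messages()`, so when the cache file does not exist yet `os.lstat` raises and the function cannot fall through to fetching messages and writing a new cache. Moving the call inside the `try:` or guarding it with `if os.path.lexists(cache_file):` would keep the first run working; the `except` clause is outside the hunk, so what it catches should be confirmed. In `check_permissions` the `stat.S_ISLNK` test can only trigger on the `filename` branch, because `os.fstat` describes the file that was actually opened, and a comment such as `# only meaningful for the lstat() path; fstat() never reports a symlink` would make that explicit. The docstring promises exclusive access while only the write bits are tested, so either reword it to `""" Make sure nobody else can write to this file. """` or also reject `stat.S_IRGRP | stat.S_IROTH`.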
@@ -79,6 +102,7 @@ def get_messages(target):
 messages = list(retrieve_messages())
 with open(cache_file, 'w') as cf:
+ check_permissions(fd=cf.fileno())
 cache = {'timestamp': datetime.utcnow().strftime(dateformat), 'messages': messages}
 json.dump(cache, cf)
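Review bot: In the write path of `get_messages()`, `open(cache_file, 'w')` follows a symlink and truncates (or creates) the target before `check_permissions(fd=cf.fileno())` runs, so the check can only refuse to continue after the file has already been emptied. A file created here also takes its mode from the process umask, and with a umask that leaves group write enabled the new cache would fail this same check on every later run. Opening with `fd = os.open(cache_file, os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW, 0o600)` and `with os.fdopen(fd, 'w') as cf:`, then calling `cf.truncate(0)` only after the check has passed, would close both gaps. `get_messages()` begins outside this hunk.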