Attachment 'MoinMoin-access.patch'

Download

   1 diff -c --new-file -r --exclude=*\.pyc lib/python2.3/site-packages/MoinMoin/Page.py tmp/MoinMoin/Page.py
   2 *** lib/python2.3/site-packages/MoinMoin/Page.py	Sat Jan 22 14:37:23 2005
   3 --- tmp/MoinMoin/Page.py	Fri Feb 11 18:05:35 2005
   4 ***************
   5 *** 13,18 ****
   6 --- 13,19 ----
   7   from MoinMoin import config, caching, user, util, wikiutil
   8   from MoinMoin.logfile import eventlog
   9   from MoinMoin.util import filesys, web
  10 + from MoinMoin.access import access
  11   
  12   
  13   # There are many places accessing ACLs even without actually sending
  14 ***************
  15 *** 424,430 ****
  16           @rtype: bool
  17           @return: true, if this page is writable or does not exist
  18           """
  19 !         return os.access(self._text_filename(), os.W_OK) or not self.exists()
  20   
  21       def isUnderlayPage(self, includeDeleted=True):
  22           """ Does this page live in the underlay dir?
  23 --- 425,431 ----
  24           @rtype: bool
  25           @return: true, if this page is writable or does not exist
  26           """
  27 !         return access(self._text_filename(), os.W_OK) or not self.exists()
  28   
  29       def isUnderlayPage(self, includeDeleted=True):
  30           """ Does this page live in the underlay dir?
  31 diff -c --new-file -r --exclude=*\.pyc lib/python2.3/site-packages/MoinMoin/access.py tmp/MoinMoin/access.py
  32 *** lib/python2.3/site-packages/MoinMoin/access.py	Thu Jan  1 01:00:00 1970
  33 --- tmp/MoinMoin/access.py	Fri Feb 11 18:23:02 2005
  34 ***************
  35 *** 0 ****
  36 --- 1,77 ----
  37 + # access.py -- functions for testing access to files
  38 + #
  39 + # Richard Brooksby, 2005-02-11
  40 + #
  41 + # This function supplement those in os.path with tests for readability and
  42 + # writeability of a filesystem object by the current _effective_ user and
  43 + # group.  Note that this is quite different to os.access, which checks the
  44 + # entire path using the _real_ user and group, and is intended as a utility
  45 + # for setuid/setgid programs.
  46 + #
  47 + # NOTES
  48 + #
  49 + # 1. This is prototype code and has not been tested in a production system.
  50 + #
  51 + # 2. Only looks at permissions bits and not whether the filesystem is
  52 + # read-only, for example.
  53 + #
  54 + # 3. Assumes root's uid is zero.
  55 + #
  56 + #
  57 + # 2005-02-11  RB  Created as a solution for
  58 + # <http://moinmoin.wikiwikiweb.de/FeatureRequests/UseSetgidWraper>.
  59 + 
  60 + import os
  61 + import stat
  62 + 
  63 + def access(path, mode):
  64 + 
  65 +     try:
  66 +         s = os.stat(path)
  67 +     except OSError:
  68 +         return False
  69 + 
  70 +     euid = os.geteuid()
  71 +     egid = os.getegid()
  72 +     
  73 +     mask = stat.S_IRWXO
  74 +     
  75 +     if s.st_gid == egid:
  76 +         mask = mask | stat.S_IRWXG
  77 + 
  78 +     if s.st_uid == euid:
  79 +         mask = mask | stat.S_IRWXU
  80 + 
  81 +     # If you're asking about readability
  82 +     if mode & os.R_OK:
  83 +         # If you're root, or any relevant readability bits are set, then
  84 +         # you can read it.
  85 +         if (euid == 0 or
  86 +             (s.st_mode & mask & (stat.S_IROTH | stat.S_IRGRP | stat.S_IRUSR))):
  87 +             pass
  88 +         else:
  89 +             return False
  90 + 
  91 +     # See above for comments, but s/readable/writeable/.
  92 +     if mode & os.W_OK:
  93 +         if (euid == 0 or
  94 +             (s.st_mode & mask & (stat.S_IWOTH | stat.S_IWGRP | stat.S_IWUSR))):
  95 +             pass
  96 +         else:
  97 +             return False
  98 + 
  99 +     if mode & os.X_OK:
 100 +         # Root can't execute things that aren't executable.  That would be a
 101 +         # very nasty security hole.  However, root _can_ execute things that
 102 +         # _anyone_ can execute.
 103 +         if euid == 0:
 104 +             if s.st_mode & (stat.S_IXOTH | stat.S_IXGRP | stat.S_IXUSR):
 105 +                 pass
 106 +             else:
 107 +                 return False
 108 +         elif s.st_mode & mask & (stat.S_IXOTH | stat.S_IXGRP | stat.S_IXUSR):
 109 +             pass
 110 +         else:
 111 +             return False
 112 + 
 113 +     return True
 114 diff -c --new-file -r --exclude=*\.pyc lib/python2.3/site-packages/MoinMoin/multiconfig.py tmp/MoinMoin/multiconfig.py
 115 *** lib/python2.3/site-packages/MoinMoin/multiconfig.py	Sat Jan 22 14:37:20 2005
 116 --- tmp/MoinMoin/multiconfig.py	Fri Feb 11 18:06:27 2005
 117 ***************
 118 *** 10,15 ****
 119 --- 10,16 ----
 120   
 121   import re, os, sys
 122   from MoinMoin import error
 123 + from MoinMoin.access import access
 124   
 125   
 126   _url_re = None
 127 ***************
 128 *** 413,419 ****
 129                   continue
 130   
 131               path_pages = os.path.join(path, "pages")
 132 !             if not (os.path.isdir(path_pages) and os.access(path_pages, mode)):
 133                   msg = '''
 134   "%(attr)s" does not exists at "%(path)s", or has incorrect ownership and
 135   permissions.
 136 --- 414,420 ----
 137                   continue
 138   
 139               path_pages = os.path.join(path, "pages")
 140 !             if not (os.path.isdir(path_pages) and access(path_pages, mode)):
 141                   msg = '''
 142   "%(attr)s" does not exists at "%(path)s", or has incorrect ownership and
 143   permissions.
 144 diff -c --new-file -r --exclude=*\.pyc lib/python2.3/site-packages/MoinMoin/wikitest.py tmp/MoinMoin/wikitest.py
 145 *** lib/python2.3/site-packages/MoinMoin/wikitest.py	Mon Jan 24 19:00:18 2005
 146 --- tmp/MoinMoin/wikitest.py	Fri Feb 11 18:07:02 2005
 147 ***************
 148 *** 19,24 ****
 149 --- 19,25 ----
 150       import os, sys
 151       from MoinMoin import version
 152       from MoinMoin.logfile import editlog, eventlog
 153 +     from MoinMoin.access import access
 154   
 155       request.write('Release %s\n' % version.release)
 156       request.write('Revision %s\n' % version.revision)
 157 ***************
 158 *** 49,55 ****
 159       for name, path in dirs:
 160           if not os.path.isdir(path):
 161               request.write("*** %s directory NOT FOUND (set to '%s')\n" % (name, path))
 162 !         elif not os.access(path, os.R_OK | os.W_OK | os.X_OK):
 163               request.write("*** %s directory NOT ACCESSIBLE (set to '%s')\n" % (name, path))
 164           else:
 165               path = os.path.abspath(path)
 166 --- 50,56 ----
 167       for name, path in dirs:
 168           if not os.path.isdir(path):
 169               request.write("*** %s directory NOT FOUND (set to '%s')\n" % (name, path))
 170 !         elif not access(path, os.R_OK | os.W_OK | os.X_OK):
 171               request.write("*** %s directory NOT ACCESSIBLE (set to '%s')\n" % (name, path))
 172           else:
 173               path = os.path.abspath(path)

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2005-02-11 18:31:49, 6.0 KB) [[attachment:MoinMoin-access.patch]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.