Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gelencsér Szabolcs
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
e0ef5de6
authored
Feb 27, 2013
by
Őry Máté
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
store: do setuided write in subprocess
parent
5549fde5
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
22 additions
and
20 deletions
+22
-20
miscellaneous/store-server/CloudStore.py
+22
-20
No files found.
miscellaneous/store-server/CloudStore.py
View file @
e0ef5de6
...
@@ -8,9 +8,7 @@ import uuid
...
@@ -8,9 +8,7 @@ import uuid
import
subprocess
import
subprocess
import
ConfigParser
import
ConfigParser
from
pwd
import
getpwnam
from
pwd
import
getpwnam
import
thread
import
multiprocessing
setuid_lock
=
thread
.
allocate_lock
()
# Get configuration file
# Get configuration file
config
=
ConfigParser
.
ConfigParser
()
config
=
ConfigParser
.
ConfigParser
()
...
@@ -281,6 +279,20 @@ def upload_allow(hash_num):
...
@@ -281,6 +279,20 @@ def upload_allow(hash_num):
response
.
set_header
(
'Access-Control-Allow-Headers'
,
'Content-Type, Content-Range, Content-Disposition, Content-Description'
)
response
.
set_header
(
'Access-Control-Allow-Headers'
,
'Content-Type, Content-Range, Content-Disposition, Content-Description'
)
return
'ok'
return
'ok'
def
_upload_save
(
uid
,
gid
,
input
,
path
):
os
.
setegid
(
gid
)
os
.
seteuid
(
uid
)
try
:
with
open
(
path
,
'wb'
,
0600
)
as
output
:
while
True
:
chunk
=
input
.
read
(
256
*
1024
)
if
not
chunk
:
break
output
.
write
(
chunk
)
finally
:
input
.
close
()
@route
(
'/ul/<hash_num>'
,
method
=
'POST'
)
@route
(
'/ul/<hash_num>'
,
method
=
'POST'
)
def
upload
(
hash_num
):
def
upload
(
hash_num
):
link
=
ROOT_WWW_FOLDER
+
'/'
+
hash_num
link
=
ROOT_WWW_FOLDER
+
'/'
+
hash_num
...
@@ -300,25 +312,15 @@ def upload(hash_num):
...
@@ -300,25 +312,15 @@ def upload(hash_num):
abort
(
400
,
'Invalid path.'
)
abort
(
400
,
'Invalid path.'
)
linkstat
=
os
.
stat
(
link
)
linkstat
=
os
.
stat
(
link
)
os
.
remove
(
link
)
os
.
remove
(
link
)
p
=
multiprocessing
.
Process
(
target
=
_upload_save
,
args
=
(
linkstat
.
st_uid
,
linkstat
.
st_gid
,
file_data
.
file
,
up_path
,
))
try
:
try
:
with
setuid_lock
:
p
.
start
()
try
:
p
.
join
()
os
.
setegid
(
linkstat
.
st_gid
)
os
.
seteuid
(
linkstat
.
st_uid
)
file
=
open
(
up_path
,
'wb'
,
0600
)
finally
:
os
.
seteuid
(
0
)
os
.
setegid
(
0
)
while
True
:
chunk
=
file_data
.
file
.
read
(
256
*
1024
)
if
not
chunk
:
break
file
.
write
(
chunk
)
except
:
abort
(
400
,
'Write failed.'
)
finally
:
finally
:
file
.
close
()
p
.
terminate
()
if
p
.
exitcode
:
abort
(
400
,
'Write failed.'
)
try
:
try
:
redirect_address
=
request
.
headers
.
get
(
'Referer'
)
redirect_address
=
request
.
headers
.
get
(
'Referer'
)
except
:
except
:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
