summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbbaetz%student.usyd.edu.au <>2002-06-04 14:47:27 +0200
committerbbaetz%student.usyd.edu.au <>2002-06-04 14:47:27 +0200
commitb4c02643fcf1586496bafcdda50e8219dc3fa0df (patch)
tree73276f17ed04fa1babf3b71caf6a902e41827728
parenta162877b07097cf590f436aa6ce13ca12d54b0a6 (diff)
downloadbugzilla-b4c02643fcf1586496bafcdda50e8219dc3fa0df.tar.gz
bugzilla-b4c02643fcf1586496bafcdda50e8219dc3fa0df.tar.xz
Bug 143574 - taint errors with alternate formats. Also make data/template
writable for non webservergroup users. r=myk, justdave
-rwxr-xr-xchecksetup.pl6
-rw-r--r--globals.pl10
2 files changed, 14 insertions, 2 deletions
diff --git a/checksetup.pl b/checksetup.pl
index 4b6a23f27..0f9e2328f 100755
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -841,6 +841,8 @@ END
if (-e 'data/template') {
unless (-d 'data/template' && -e 'data/template/.lastRebuild' &&
(stat('data/template/.lastRebuild'))[9] >= $lastTemplateParamChange) {
+ print "Removing existing compiled templates ...\n";
+
# If File::Path::rmtree reported errors, then I'd use that
use File::Find;
sub remove {
@@ -904,6 +906,8 @@ END
}
{
+ print "Precompiling templates ...\n";
+
use File::Find;
use Cwd;
@@ -1089,7 +1093,7 @@ if ($my_webservergroup) {
my $gid = (split " ", $()[0];
fixPerms('.htaccess', $<, $gid, 022); # glob('*') doesn't catch dotfiles
fixPerms('data/.htaccess', $<, $gid, 022);
- fixPerms('data/template', $<, $gid, 022, 1);
+ fixPerms('data/template', $<, $gid, 000, 1); # webserver will write to these
fixPerms('data/webdot/.htaccess', $<, $gid, 022);
fixPerms('data/params', $<, $gid, 011);
fixPerms('*', $<, $gid, 022);
diff --git a/globals.pl b/globals.pl
index 637955bd6..99af6ffa4 100644
--- a/globals.pl
+++ b/globals.pl
@@ -1680,7 +1680,15 @@ sub GetOutputFormats {
# Loop over each file in the sub-directory looking for format files
# (files whose name looks like SCRIPT-FORMAT.EXT.tmpl).
foreach my $file (@files) {
- if ($file =~ /^\Q$script\E-(.+)\.(.+)\.(tmpl)$/) {
+ if ($file =~ /^\Q$script\E-(.+)\.(.+)\.tmpl$/) {
+ # This must be a valid file
+ # If an attacker could add a previously unused format
+ # type to trick us into running it, then they could just
+ # change an existing one...
+ # (This implies that running without a webservergroup is
+ # insecure, but that is the case anyway)
+ trick_taint($file);
+
$formats->{$1} = {
'template' => $file ,
'extension' => $2 ,