Changeset 08d4fa6 for asadb


Ignore:
Timestamp:
Sep 15, 2012, 9:53:40 PM (13 years ago)
Author:
Alex Dehnert <adehnert@…>
Branches:
master, space-access, stable, stage
Children:
cf4b7f4
Parents:
3113644
git-author:
Alex Dehnert <adehnert@…> (09/15/12 21:53:40)
git-committer:
Alex Dehnert <adehnert@…> (09/15/12 21:53:40)
Message:

Wrappers for safely calling commands in a new PAG

The usual mechanism for starting a new PAG is pagsh(1). Unfortunately, because
it basically just execvp(3) /bin/sh passing the appropriate arguments, it isn't
immediately obvious how to safely pass arguments that may contain shell
metacharacters. By using the shell's exec and taking advantage of the fact that
later arguments to /bin/sh end up in $@ we can safely avoid shell
metacharacters. We wrap subprocess.check_{call,output} in
pag_check_{call,output}, which perform appropriate contortions to establish the
PAG before safely executing the passed commands without evaluating any
metacharacters.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • asadb/mit/__init__.py

    r51b384a r08d4fa6  
     1import os
    12import subprocess
    23import ldap
     
    2930        except ValidationError:
    3031            raise ValidationError('Provide a valid URL or AFS path')
     32
     33def pag_check_helper(fn, args, aklog=False, ccname=None, **kwargs):
     34    if 'executable' in kwargs:
     35        raise ValueError('"executable" not supported with pag_check_*')
     36
     37    env = None
     38    if 'env' in kwargs:
     39        env = kwargs['env']
     40        del kwargs['env']
     41    if ccname:
     42        if env is not None:
     43            env = dict(env)
     44        else:
     45            env = dict(os.environ)
     46        env['KRB5CCNAME'] = ccname
     47
     48    pagsh_cmd = 'exec "$@"'
     49    if aklog: pagsh_cmd = "aklog && " + pagsh_cmd
     50    args = ['pagsh', '-c', pagsh_cmd, 'exec', ] + args
     51
     52    return fn(args, env=env, **kwargs)
     53
     54def pag_check_call(args, **kwargs):
     55    return pag_check_helper(subprocess.check_call, args, **kwargs)
     56def pag_check_output(args, **kwargs):
     57    return pag_check_helper(subprocess.check_output, args, **kwargs)
    3158
    3259class ScriptsRemoteUserMiddleware(RemoteUserMiddleware):
Note: See TracChangeset for help on using the changeset viewer.