Complain if we are creating temporary files in world-writable
directories.
This commit is contained in:
parent
d212ae060e
commit
842cda8a37
|
@ -45,6 +45,7 @@ import mailbox
|
||||||
import os
|
import os
|
||||||
import rfc822
|
import rfc822
|
||||||
import signal
|
import signal
|
||||||
|
import stat
|
||||||
import string
|
import string
|
||||||
import tempfile
|
import tempfile
|
||||||
import time
|
import time
|
||||||
|
@ -144,7 +145,7 @@ class Options:
|
||||||
lockfile_attempts = 5
|
lockfile_attempts = 5
|
||||||
lockfile_extension = ".lock"
|
lockfile_extension = ".lock"
|
||||||
lockfile_sleep = 1
|
lockfile_sleep = 1
|
||||||
output_dir = None
|
output_dir = os.curdir
|
||||||
quiet = 0
|
quiet = 0
|
||||||
script_name = os.path.basename(sys.argv[0])
|
script_name = os.path.basename(sys.argv[0])
|
||||||
use_modify_time = 0
|
use_modify_time = 0
|
||||||
|
@ -179,13 +180,7 @@ class Options:
|
||||||
self.dry_run = 1
|
self.dry_run = 1
|
||||||
if o in ('-d', '--days'):
|
if o in ('-d', '--days'):
|
||||||
self.days_old_max = string.atoi(a)
|
self.days_old_max = string.atoi(a)
|
||||||
if (self.days_old_max < 1):
|
|
||||||
user_error("argument to -d must be greater than zero")
|
|
||||||
if (self.days_old_max >= 10000):
|
|
||||||
user_error("argument to -d must be less than 10000")
|
|
||||||
if o in ('-o', '--output-dir'):
|
if o in ('-o', '--output-dir'):
|
||||||
if not os.path.isdir(a):
|
|
||||||
user_error("output directory does not exist: '%s'" % a)
|
|
||||||
self.output_dir = a
|
self.output_dir = a
|
||||||
if o in ('-h', '-?', '--help'):
|
if o in ('-h', '-?', '--help'):
|
||||||
print usage
|
print usage
|
||||||
|
@ -223,6 +218,22 @@ class Options:
|
||||||
self.compressor_extension = extensions[self.compressor]
|
self.compressor_extension = extensions[self.compressor]
|
||||||
return args
|
return args
|
||||||
|
|
||||||
|
def sanity_check(self):
|
||||||
|
"""Complain bitterly about our options now rather than later"""
|
||||||
|
if not os.path.isdir(self.output_dir):
|
||||||
|
user_error("output directory does not exist: '%s'" % \
|
||||||
|
self.output_dir)
|
||||||
|
if not os.access(self.output_dir, os.W_OK):
|
||||||
|
user_error("no write permission on output directory: '%s'" % \
|
||||||
|
self.output_dir)
|
||||||
|
if is_world_writable(self.output_dir):
|
||||||
|
unexpected_error(("output directory is world-writable: '%s' " + \
|
||||||
|
"-- I feel nervous!") % self.output_dir)
|
||||||
|
if (self.days_old_max < 1):
|
||||||
|
user_error("argument to -d must be greater than zero")
|
||||||
|
if (self.days_old_max >= 10000):
|
||||||
|
user_error("argument to -d must be less than 10000")
|
||||||
|
|
||||||
|
|
||||||
class Mbox(mailbox.PortableUnixMailbox):
|
class Mbox(mailbox.PortableUnixMailbox):
|
||||||
"""Class that allows read/write access to a 'mbox' mailbox.
|
"""Class that allows read/write access to a 'mbox' mailbox.
|
||||||
|
@ -509,7 +520,10 @@ Website: http://archivemail.sourceforge.net/ """ % \
|
||||||
print usage
|
print usage
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
_options.sanity_check()
|
||||||
os.umask(077) # saves setting permissions on mailboxes/tempfiles
|
os.umask(077) # saves setting permissions on mailboxes/tempfiles
|
||||||
|
tempfile.tempdir = _options.output_dir
|
||||||
|
assert(tempfile.tempdir)
|
||||||
|
|
||||||
# Make sure we clean up nicely - we don't want to leave stale procmail
|
# Make sure we clean up nicely - we don't want to leave stale procmail
|
||||||
# lockfiles about if something bad happens to us. This is quite
|
# lockfiles about if something bad happens to us. This is quite
|
||||||
|
@ -643,17 +657,15 @@ def archive(mailbox_name):
|
||||||
"""
|
"""
|
||||||
assert(mailbox_name)
|
assert(mailbox_name)
|
||||||
|
|
||||||
tempfile.tempdir = choose_temp_dir(mailbox_name)
|
|
||||||
vprint("set tempfile directory to '%s'" % tempfile.tempdir)
|
vprint("set tempfile directory to '%s'" % tempfile.tempdir)
|
||||||
|
|
||||||
final_archive_name = mailbox_name + _options.archive_suffix
|
final_archive_name = mailbox_name + _options.archive_suffix
|
||||||
if _options.output_dir:
|
final_archive_name = os.path.join(_options.output_dir,
|
||||||
final_archive_name = os.path.join(_options.output_dir,
|
|
||||||
os.path.basename(final_archive_name))
|
os.path.basename(final_archive_name))
|
||||||
vprint("archiving '%s' to '%s' ..." % (mailbox_name, final_archive_name))
|
vprint("archiving '%s' to '%s' ..." % (mailbox_name, final_archive_name))
|
||||||
|
|
||||||
if os.path.islink(mailbox_name):
|
if os.path.islink(mailbox_name):
|
||||||
unexpected_error("'%s' is a symbolic link -- I am nervous" %
|
unexpected_error("'%s' is a symbolic link -- I feel nervous!" %
|
||||||
mailbox_name)
|
mailbox_name)
|
||||||
elif os.path.isfile(mailbox_name):
|
elif os.path.isfile(mailbox_name):
|
||||||
vprint("guessing mailbox is of type: mbox")
|
vprint("guessing mailbox is of type: mbox")
|
||||||
|
@ -824,20 +836,11 @@ def clean_up_signal(signal_number, stack_frame):
|
||||||
unexpected_error("received signal %s" % signal_number)
|
unexpected_error("received signal %s" % signal_number)
|
||||||
|
|
||||||
|
|
||||||
def choose_temp_dir(mailbox_path):
|
def is_world_writable(path):
|
||||||
"""Set the directory for temporary files to something safe.
|
"""Return true if the path is world-writable, false otherwise"""
|
||||||
|
assert(path)
|
||||||
Arguments:
|
return (os.stat(path)[stat.ST_MODE] & stat.S_IWOTH)
|
||||||
mailbox_path -- path name to the original mailbox
|
|
||||||
|
|
||||||
"""
|
|
||||||
assert(mailbox_path)
|
|
||||||
temp_dir = os.path.dirname(mailbox_path)
|
|
||||||
if _options.output_dir:
|
|
||||||
temp_dir = _options.output_dir
|
|
||||||
if not temp_dir:
|
|
||||||
temp_dir = os.curdir # use the current directory
|
|
||||||
return temp_dir
|
|
||||||
|
|
||||||
def system_or_die(command):
|
def system_or_die(command):
|
||||||
"""Run the command with os.system(), aborting on non-zero exit"""
|
"""Run the command with os.system(), aborting on non-zero exit"""
|
||||||
|
|
Loading…
Reference in New Issue