Example #1
0
    def rpc_run(self, pcode, user, visitor):
        #uncomment the 2 commented lines and also line no.63 in chroot-setup to enable additional security such that if a profile breaks jail then also it's not able to access other's files
        q = 12356
        #q = int(''.join(str(ord(c)) for c in user)) % 2147360190 + 12355
        uid = q
        m = md5.new(user).hexdigest()

        userdir = '/tmp'+'/' + m
        #userdir = '/tmp'+'/' + str(q)
        if not os.path.isdir(userdir):
            os.mkdir(userdir, 0770)
            os.chown(userdir,q,q)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #2
0
    def rpc_run(self, user, visitor):
        uid = 61017

        userdir = '/tmp/%s' % base64.b64encode(user.encode('utf-8'))
        if not os.path.exists(userdir):
            os.mkdir(userdir, 0700)
            os.chown(userdir, uid, uid)

        pcode = pcode_client.get_pcode(user)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #3
0
    def rpc_run(self, pcode, user, visitor):
        uid = 61020
        db = zoodb.cred_setup()
        cred = db.query(zoodb.Cred).get(user)
        token = cred.token

        userdir = '/tmp/%s' % hashlib.sha1(user).hexdigest()
        if not os.path.exists(userdir):
            os.mkdir(userdir)
            os.chown(userdir, uid, uid)
            os.chmod(userdir, 0777)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor, token).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #4
0
    def rpc_run(self, pcode, user, visitor):
        def convertalpha(username):
            # quick fix: convert possibly problematic characters to zeroes
            for letter in username:
                if not letter.isalnum():
                    username[letter] = 0

            return username

        uid = 61017
        if not user.isalnum():
            user = convertalpha(user)

        userdir = os.path.join('/tmp', user)
        if os.path.exists(userdir):
            print "dir exists"
        else:
            os.mkdir(userdir)
            os.chmod(userdir, 0330)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #5
0
    def rpc_run(self, pcode, user, visitor):
        uid = 6858

        userdir = '/tmp/' + user
        try:
            os.mkdir(userdir)
        except OSError:
            pass
        os.chmod(userdir, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR)
        os.chown(userdir, uid, uid)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ct = readconf.read_conf()
                ProfileAPIServer(user, visitor, pcode, ct).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/tmp/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
    def rpc_run(self, pcode, user, visitor):
        uid = 61018

        userdir = '/tmp'

        # let user know we will ignore '/', and '.' will be replaced
        # by '0'.
        # user name 'test/.' is the same as 'test0'
        user = user.replace("/", "")
        user = user.replace(".", "0")
        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        userdir = os.path.join(userdir, user)
        if not os.path.exists(userdir):
            os.mkdir(userdir)
            os.chmod(userdir, 0330)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
    def rpc_run(self, pcode, user, visitor):
        uid = 61008 # according zook.conf
        
        #consider the possibillity of usernames with special characters
        #so I use hash function try to get a unique nnumber
        userdir = '/tmp/%s' % str(hashlib.sha512(user).hexdigest())[0:10] 
        print 'userdir=%s' % userdir
        if not os.path.exists(userdir):
            os.makedirs(userdir)
            os.chmod(userdir,0755)        
            os.chown(userdir,uid,uid)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #8
0
    def rpc_run(self, pcode, user, visitor):
        uid = 61012

        name = re.sub('/', '', user)
        userdir = '/tmp' + '/child' + name
        # print "Usedir:%s" % name
        if not os.path.exists(userdir):
            os.mkdir(userdir)
        os.chmod(userdir, 755)
        os.chown(userdir, uid, uid)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #9
0
    def rpc_run(self, pcode, user, visitor):
        uid = 0

        userdir = '/tmp'

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
Example #10
0
    def rpc_run(self, pcode, user, visitor):
        uid = 61022

        def convertalpha(username):
            #for malicious charaters
            for l in username:
                if not l.isalnum():
                    username[l] = "9"
            return username

        if not user.isalnum():
            user = convertalpha(user)

        userdir = '/tmp' + '/' + user

        if not os.path.exists(userdir):
            os.mkdir(userdir)
            os.chmod(userdir, 0770)

        #db = zoodb.cred_setup()
        #person = db.query(zoodb.Cred).get(user)
        #if not person:
        #    return None
        #token = person.token

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))
    def rpc_run(self, pcode, user, visitor):
        uid = 61050

        userdir = '/tmp/' + hashlib.sha256(user).hexdigest()
        if not os.path.isdir(userdir):
            os.mkdir(userdir)
            os.chmod(userdir, 0700)
            os.chown(userdir, uid, uid)

        (sa, sb) = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM, 0)
        pid = os.fork()
        if pid == 0:
            if os.fork() <= 0:
                sa.close()
                ProfileAPIServer(user, visitor).run_sock(sb)
                sys.exit(0)
            else:
                sys.exit(0)
        sb.close()
        os.waitpid(pid, 0)

        sandbox = sandboxlib.Sandbox(userdir, uid, '/profilesvc/lockfile')
        with rpclib.RpcClient(sa) as profile_api_client:
            return sandbox.run(lambda: run_profile(pcode, profile_api_client))