Exemple #1
0
def os_rename(src, dst):
    original_function = ORIGINALS["rename"]
    assert original_function is not None

    if type(src) != str or type(dst) != str:
        return original_function(src, dst)
    else:
        src_abspath = os.path.abspath(src)
        dst_abspath = os.path.abspath(dst)
        if not common.is_in_safe_directories(src_abspath):
            msg = "You shouldn't be removing files in {}!".format(src_abspath)
            raise common.ShieldError(msg)
        elif not common.is_in_safe_directories(dst_abspath):
            msg = "You shouldn't be writing files to {}!".format(dst_abspath)
            raise common.ShieldError(msg)
        else:
            return original_function(src, dst)
Exemple #2
0
    def aux(source, link_name):
        original_function = ORIGINALS[function_name]
        assert original_function is not None

        if type(source) != str or type(link_name) != str:
            return original_function(source, link_name)
        else:
            abspath = os.path.abspath(link_name)
            if common.is_in_safe_directories(abspath):
                return original_function(source, link_name)
            else:
                msg = "You shouldn't be linking to {}!".format(abspath)
                raise common.ShieldError(msg)
Exemple #3
0
    def aux(path, uid, gid):
        original_function = ORIGINALS[function_name]
        assert original_function is not None

        if type(path) != str or type(uid) != int or type(gid) != int:
            return original_function(path, uid, gid)
        else:
            abspath = os.path.abspath(path)
            if common.is_in_safe_directories(abspath):
                return original_function(abspath, uid, gid)
            else:
                msg = "You shouldn't be {} in {}!".format(
                    present_participle, abspath)
                raise common.ShieldError(msg)
Exemple #4
0
def os_open(name, flags, mode=0777):
    original_open = ORIGINALS["open"]
    assert original_open is not None

    if type(name) != str or type(flags) != int or flags == os.O_RDONLY:
        return original_open(name, flags, mode)
    elif any([
            flags & f for f in
        [os.O_WRONLY, os.O_RDWR, os.O_APPEND, os.O_CREAT, os.O_TRUNC]
    ]):
        path = os.path.abspath(name)
        if common.is_in_safe_directories(path):
            return original_open(path, flags, mode)
        else:
            raise common.ShieldError("You shouldn't "
                                     "be writing to {}!".format(path))
    else:
        # Something is really weird
        return original_open(name, flags, mode)
Exemple #5
0
def builtin_open(name, mode="r", buffering=-1):
    original_open = ORIGINALS["open"]
    assert original_open is not None

    if type(name) != str or type(mode) != str or mode == "r":
        return original_open(name, mode, buffering)
    elif (mode == "w" or
          mode == "a" or
          mode == "w+" or
          mode == "a+" or
          mode == "r+"):
        # See flowchart at
        # https://stackoverflow.com/questions/1466000/python-open-built-in-function-difference-between-modes-a-a-w-w-and-r
        path = os.path.abspath(name)
        if common.is_in_safe_directories(path):
            return original_open(path, mode, buffering)
        else:
            raise common.ShieldError("You shouldn't "
                                     "be writing to {}!".format(path))
    else:
        # Otherwise, some weird mode is requested,
        #   let python's open handle it
        return original_open(name, mode, buffering)
Exemple #6
0
def builtin_file(name, mode="r", buffering=-1):
    raise common.ShieldError("Please use open() instead.")