|
version 1.18, 2007/04/10 20:32:13
|
version 1.22, 2010/10/12 09:53:45
|
|
Line 2
|
Line 2
|
| |
|
| # The Learning Online Network with CAPA |
# The Learning Online Network with CAPA |
| # |
# |
| |
# $Id$ |
| |
# |
| # Copyright Michigan State University Board of Trustees |
# Copyright Michigan State University Board of Trustees |
| # |
# |
| # This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
# This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
|
Line 76 use LONCAPA qw(:match);
|
Line 78 use LONCAPA qw(:match);
|
| $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; |
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; |
| delete @ENV{qw{IFS CDPATH ENV BASH_ENV}}; |
delete @ENV{qw{IFS CDPATH ENV BASH_ENV}}; |
| |
|
| my $DEBUG = 1; # .nonzero -> Debug printing enabled. |
my $DEBUG = 0; # .nonzero -> Debug printing enabled. |
| my $path_sep = "/"; # Unix like operating systems. |
my $path_sep = "/"; # Unix like operating systems. |
| |
|
| |
|
|
Line 86 if ($DEBUG) {
|
Line 88 if ($DEBUG) {
|
| print("Checking uid...\n"); |
print("Checking uid...\n"); |
| } |
} |
| my $wwwid = getpwnam('www'); |
my $wwwid = getpwnam('www'); |
| &DisableRoot; |
|
| if($wwwid != $>) { |
if($wwwid != $<) { |
| if ($DEBUG) { |
if ($DEBUG) { |
| print("User ID incorrect. This program must be run as user 'www'\n"); |
print("User ID incorrect. This program must be run as user 'www'\n"); |
| } |
} |
|
Line 127 if( $authentication ne "unix:" &&
|
Line 129 if( $authentication ne "unix:" &&
|
| $authentication ne "localauth:") { |
$authentication ne "localauth:") { |
| if($DEBUG) { |
if($DEBUG) { |
| print("Invalid authentication parameter: ".$authentication."\n"); |
print("Invalid authentication parameter: ".$authentication."\n"); |
| print("Should be one of: unix, internal, krb4, localauth\n"); |
print("Should be one of-- unix: internal: krb4: krb5: localauth:\n"); |
| } |
} |
| exit 3; |
exit 3; |
| } |
} |
|
Line 156 if($username ne $safeuser) {
|
Line 158 if($username ne $safeuser) {
|
| #untaint the base directory require that the dir contain only |
#untaint the base directory require that the dir contain only |
| # alphas, / numbers or underscores, and end in /$safeuser |
# alphas, / numbers or underscores, and end in /$safeuser |
| |
|
| $dir =~ /(^([\w\/\.\-]+))/; |
|
| |
|
| my $dirtry1 = $1; |
|
| |
|
| $dir =~ /$\/$safeuser/; |
my ($allowed_dir) = ($dir =~ m{(^([/]|$match_username)+)}); |
| my $dirtry2 = $1; |
|
| |
|
| if(($dirtry1 ne $dir) or ($dirtry2 ne $dir)) { |
my $has_correct_end = ($dir =~ m{/\Q$safeuser\E$}); |
| |
|
| |
if(($allowed_dir ne $dir) or (!$has_correct_end)) { |
| if ($DEBUG) { |
if ($DEBUG) { |
| print("Directory $dir is not a valid home for $safeuser\n"); |
print("Directory $dir is not a valid home for $safeuser\n"); |
| } |
} |
| exit 5; |
exit 5; |
| } |
} |
| |
|
| |
|
| # As root, create the directory. |
# As root, create the directory. |
| |
|
| my $homedir = $dirtry1; |
my $homedir = $allowed_dir; |
| my $fulldir = $homedir."/public_html"; |
my $fulldir = $homedir."/public_html"; |
| |
|
| if($DEBUG) { |
if($DEBUG) { |
| print("Full directory path is: $fulldir \n"); |
print("Full directory path is: $fulldir \n"); |
| } |
} |
| if(!( -e $dirtry1)) { |
if(!( -e $homedir)) { |
| if($DEBUG) { |
if($DEBUG) { |
| print("User's home directory $dirtry1 does not exist\n"); |
print("User's home directory $homedir does not exist\n"); |
| } |
} |
| if ($authentication eq "unix:") { |
if ($authentication eq "unix:") { |
| exit 6; |
exit 6; |
![[BACK]](/icons/back.gif){kind=icon}
Return to lchtmldir CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom