49 lines
1.8 KiB
Diff
49 lines
1.8 KiB
Diff
diff -up pyxdg-0.25/xdg/BaseDirectory.py.CVE-2014-1624 pyxdg-0.25/xdg/BaseDirectory.py
|
|
--- pyxdg-0.25/xdg/BaseDirectory.py.CVE-2014-1624 2014-12-04 11:49:53.681654931 -0500
|
|
+++ pyxdg-0.25/xdg/BaseDirectory.py 2014-12-04 11:52:45.831522703 -0500
|
|
@@ -25,7 +25,7 @@ Typical usage:
|
|
Note: see the rox.Options module for a higher-level API for managing options.
|
|
"""
|
|
|
|
-import os
|
|
+import os, stat
|
|
|
|
_home = os.path.expanduser('~')
|
|
xdg_data_home = os.environ.get('XDG_DATA_HOME') or \
|
|
@@ -131,15 +131,29 @@ def get_runtime_dir(strict=True):
|
|
|
|
import getpass
|
|
fallback = '/tmp/pyxdg-runtime-dir-fallback-' + getpass.getuser()
|
|
+ create = False
|
|
try:
|
|
- os.mkdir(fallback, 0o700)
|
|
+ # This must be a real directory, not a symlink, so attackers can't
|
|
+ # point it elsewhere. So we use lstat to check it.
|
|
+ st = os.lstat(fallback)
|
|
except OSError as e:
|
|
import errno
|
|
- if e.errno == errno.EEXIST:
|
|
- # Already exists - set 700 permissions again.
|
|
- import stat
|
|
- os.chmod(fallback, stat.S_IRUSR|stat.S_IWUSR|stat.S_IXUSR)
|
|
- else: # pragma: no cover
|
|
+ if e.errno == errno.ENOENT:
|
|
+ create = True
|
|
+ else:
|
|
raise
|
|
+ else:
|
|
+ # The fallback must be a directory
|
|
+ if not stat.S_ISDIR(st.st_mode):
|
|
+ os.unlink(fallback)
|
|
+ create = True
|
|
+ # Must be owned by the user and not accessible by anyone else
|
|
+ elif (st.st_uid != os.getuid()) \
|
|
+ or (st.st_mode & (stat.S_IRWXG | stat.S_IRWXO)):
|
|
+ os.rmdir(fallback)
|
|
+ create = True
|
|
+
|
|
+ if create:
|
|
+ os.mkdir(fallback, 0o700)
|
|
|
|
return fallback
|