From patchwork Sat Nov 23 16:18:32 2019
X-Patchwork-Submitter: Lukas Fleischer
X-Patchwork-Id: 1386
From: Lukas Fleischer
To: aur-dev@archlinux.org
Subject: [PATCH] git-serve: check update hook permissions
Date: Sat, 23 Nov 2019 11:18:32 -0500
Message-Id: <20191123161832.41651-1-lfleischer@archlinux.org>
X-Mailer: git-send-email 2.24.0
List-Id: "Arch User Repository \(AUR\) Development"

Verify that the update hook exists and is executable before running Git to prevent from broken repositories when permissions are broken.

Signed-off-by: Lukas Fleischer --- aurweb/exceptions.py | 6 ++++++ aurweb/git/serve.py | 3 +++ 2 files changed, 9 insertions(+) diff --git a/aurweb/exceptions.py b/aurweb/exceptions.py index 664db68..6201528 100644 --- a/aurweb/exceptions.py +++ b/aurweb/exceptions.py @@ -16,6 +16,12 @@ class PermissionDeniedException(AurwebException): super(PermissionDeniedException, self).__init__(msg) +class BrokenUpdateHookException(AurwebException): + def __init__(self, cmd): + msg = 'broken update hook: {:s}'.format(cmd) + super(BrokenUpdateHookException, self).__init__(msg) + + class InvalidUserException(AurwebException): def __init__(self, user): msg = 'unknown user: {:s}'.format(user) diff --git a/aurweb/git/serve.py b/aurweb/git/serve.py index 2882780..d43523c 100755 --- a/aurweb/git/serve.py +++ b/aurweb/git/serve.py @@ -496,6 +496,9 @@ def serve(action, cmdargv, user, privileged, remote_addr): if not privileged and not pkgbase_has_write_access(pkgbase, user): raise aurweb.exceptions.PermissionDeniedException(user) + if not os.access(git_update_cmd, os.R_OK | os.X_OK): + raise aurweb.exceptions.BrokenUpdateHookException(git_update_cmd) + os.environ["AUR_USER"] = user os.environ["AUR_PKGBASE"] = pkgbase os.environ["GIT_NAMESPACE"] = pkgbase
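Review bot: In the aurweb/exceptions.py hunk, BrokenUpdateHookException puts the full server-side hook path into the exception message ('broken update hook: {:s}'.format(cmd)). If AurwebException messages are echoed to the connecting SSH user, as the neighbouring "unknown user" message suggests, every pusher learns an internal filesystem path whenever the hook is misconfigured. Consider logging the path server-side and raising with a generic message, and add a short docstring stating that the argument is the hook's path, since the parameter is named cmd.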
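Review bot: In the aurweb/git/serve.py hunk, the new os.access(git_update_cmd, os.R_OK | os.X_OK) test before the os.environ assignments is evaluated against the real uid/gid and only at that instant, so it is a sanity check and not a guarantee that the hook will run once Git invokes it; a one-line comment saying so would keep later readers from treating it as an enforcement point. Please also confirm that this line is reached only for pushes: the update hook is not run on fetch, so if the same code path serves git-upload-pack, a broken hook would now reject read access as well.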