mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

git-annex-shell: GIT_ANNEX_SHELL_DIRECTORY can be set to limit it to operating on a specified directory.

Browse source
This commit is contained in:
Joey Hess 2012-11-05 11:29:12 -04:00
parent b528218b0c
commit bd230efa56
3 changed files with 31 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

29
GitAnnexShell.hs
View file

@ -1,13 +1,13 @@
{- git-annex-shell main program {- git-annex-shell main program
- -
- Copyright 2010 Joey Hess <joey@kitenet.net> - Copyright 2010-2012 Joey Hess <joey@kitenet.net>
- -
- Licensed under the GNU GPL version 3 or higher. - Licensed under the GNU GPL version 3 or higher.
-} -}
module GitAnnexShell where module GitAnnexShell where
import System.Environment import System.Posix.Env
import System.Console.GetOpt import System.Console.GetOpt
import Common.Annex import Common.Annex
@ -86,6 +86,7 @@ builtins = map cmdname cmds
builtin :: String -> String -> [String] -> IO () builtin :: String -> String -> [String] -> IO ()
builtin cmd dir params = do builtin cmd dir params = do
checkNotReadOnly cmd checkNotReadOnly cmd
checkDirectory $ Just dir
let (params', fieldparams) = partitionParams params let (params', fieldparams) = partitionParams params
let fields = filter checkField $ parseFields fieldparams let fields = filter checkField $ parseFields fieldparams
dispatch False (cmd : params') cmds options fields header $ dispatch False (cmd : params') cmds options fields header $
@ -93,6 +94,9 @@ builtin cmd dir params = do
external :: [String] -> IO () external :: [String] -> IO ()
external params = do external params = do
{- Normal git-shell commands all have the directory as their last
- parameter. -}
checkDirectory $ lastMaybe params
checkNotLimited checkNotLimited
unlessM (boolSystem "git-shell" $ map Param $ "-c":fst (partitionParams params)) $ unlessM (boolSystem "git-shell" $ map Param $ "-c":fst (partitionParams params)) $
error "git-shell failed" error "git-shell failed"
@ -131,7 +135,22 @@ checkNotReadOnly cmd
| cmd `elem` map cmdname cmds_readonly = noop | cmd `elem` map cmdname cmds_readonly = noop
| otherwise = checkEnv "GIT_ANNEX_SHELL_READONLY" | otherwise = checkEnv "GIT_ANNEX_SHELL_READONLY"
checkDirectory :: Maybe FilePath -> IO ()
checkDirectory mdir = do
v <- getEnv "GIT_ANNEX_SHELL_DIRECTORY"
case (v, mdir) of
(Nothing, _) -> noop
(Just d, Nothing) -> req d
(Just d, Just dir)
| d `equalFilePath` dir -> noop
| otherwise -> req d
where
req d = error $ "Only allowed to access " ++ d
checkEnv :: String -> IO () checkEnv :: String -> IO ()
checkEnv var = checkEnv var = do
whenM (not . null <$> catchDefaultIO "" (getEnv var)) $ v <- getEnv var
error $ "Action blocked by " ++ var case v of
Nothing -> noop
Just "" -> noop
Just _ -> error $ "Action blocked by " ++ var

2
debian/changelog vendored
View file

@ -40,6 +40,8 @@ git-annex (3.20121018) UNRELEASED; urgency=low
* webapp: Generate better git remote names. * webapp: Generate better git remote names.
* webapp: Ensure that rsync special remotes are enabled using the same * webapp: Ensure that rsync special remotes are enabled using the same
name they were originally created using. name they were originally created using.
* git-annex-shell: GIT_ANNEX_SHELL_DIRECTORY can be set to limit it
to operating on a specified directory.
-- Joey Hess <joeyh@debian.org> Wed, 17 Oct 2012 14:24:10 -0400 -- Joey Hess <joeyh@debian.org> Wed, 17 Oct 2012 14:24:10 -0400

5
doc/git-annex-shell.mdwn
View file

@ -95,6 +95,11 @@ changed.
If set, disallows running git-shell to handle unknown commands. If set, disallows running git-shell to handle unknown commands.
* GIT_ANNEX_SHELL_DIRECTORY
If set, git-annex-shell will refuse to run commands that do not operate
on the specified directory.
# SEE ALSO # SEE ALSO
[[git-annex]](1) [[git-annex]](1)