diff options
Diffstat (limited to 'bzrlib/transport/chroot.py')
-rw-r--r-- | bzrlib/transport/chroot.py | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/bzrlib/transport/chroot.py b/bzrlib/transport/chroot.py new file mode 100644 index 0000000..cc8b0ac --- /dev/null +++ b/bzrlib/transport/chroot.py @@ -0,0 +1,69 @@ +# Copyright (C) 2006-2010 Canonical Ltd +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +"""Implementation of Transport that prevents access to locations above a set +root. +""" + +from __future__ import absolute_import + +from bzrlib.transport import ( + pathfilter, + register_transport, + ) + + +class ChrootServer(pathfilter.PathFilteringServer): + """User space 'chroot' facility. + + The server's get_url returns the url for a chroot transport mapped to the + backing transport. The url is of the form chroot-xxx:/// so parent + directories of the backing transport are not visible. The chroot url will + not allow '..' sequences to result in requests to the chroot affecting + directories outside the backing transport. + + PathFilteringServer does all the path sanitation needed to enforce a + chroot, so this is a simple subclass of PathFilteringServer that ignores + filter_func. + """ + + def __init__(self, backing_transport): + pathfilter.PathFilteringServer.__init__(self, backing_transport, None) + + def _factory(self, url): + return ChrootTransport(self, url) + + def start_server(self): + self.scheme = 'chroot-%d:///' % id(self) + register_transport(self.scheme, self._factory) + + +class ChrootTransport(pathfilter.PathFilteringTransport): + """A ChrootTransport. + + Please see ChrootServer for details. + """ + + def _filter(self, relpath): + # A simplified version of PathFilteringTransport's _filter that omits + # the call to self.server.filter_func. + return self._relpath_from_server_root(relpath) + + +def get_test_permutations(): + """Return the permutations to be used in testing.""" + from bzrlib.tests import test_server + return [(ChrootTransport, test_server.TestingChrootServer)] |