diff options
author | bescoto <bescoto@2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109> | 2005-08-20 06:06:07 +0000 |
---|---|---|
committer | bescoto <bescoto@2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109> | 2005-08-20 06:06:07 +0000 |
commit | 420600f59943b8fd20a3cc6853b1d6e7a1bb2bb1 (patch) | |
tree | 720ebd447a5089be8449ef0470c6484912f1edfa /rdiff-backup/testing | |
parent | 5be6706fff0ebbe54517ce39a9c8efe7fcf8d4b0 (diff) | |
download | rdiff-backup-420600f59943b8fd20a3cc6853b1d6e7a1bb2bb1.tar.gz |
Fix for bug 14209 (security violation with --restrict)
git-svn-id: http://svn.savannah.nongnu.org/svn/rdiff-backup/trunk@625 2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109
Diffstat (limited to 'rdiff-backup/testing')
-rw-r--r-- | rdiff-backup/testing/regressiontest.py | 4 | ||||
-rw-r--r-- | rdiff-backup/testing/securitytest.py | 16 | ||||
-rwxr-xr-x | rdiff-backup/testing/server.py | 4 |
3 files changed, 20 insertions, 4 deletions
diff --git a/rdiff-backup/testing/regressiontest.py b/rdiff-backup/testing/regressiontest.py index 18ec1a3..427ed83 100644 --- a/rdiff-backup/testing/regressiontest.py +++ b/rdiff-backup/testing/regressiontest.py @@ -12,7 +12,9 @@ testfiles Globals.set('change_source_perms', 1) Globals.counter = 0 -log.Log.setverbosity(7) +Globals.security_level = "override" +log.Log.setverbosity(3) + def get_local_rp(extension): return rpath.RPath(Globals.local_connection, "testfiles/" + extension) diff --git a/rdiff-backup/testing/securitytest.py b/rdiff-backup/testing/securitytest.py index f8796ff..cd83635 100644 --- a/rdiff-backup/testing/securitytest.py +++ b/rdiff-backup/testing/securitytest.py @@ -1,4 +1,4 @@ -import os, unittest, time +import os, unittest, time, traceback, sys from commontest import * import rdiff_backup.Security as Security @@ -12,7 +12,10 @@ class SecurityTest(unittest.TestCase): problem. """ - assert isinstance(exc, Security.Violation), exc + if not isinstance(exc, Security.Violation): + type, value, tb = sys.exc_info() + print "".join(traceback.format_tb(tb)) + raise exc #assert str(exc).find("Security") >= 0, "%s\n%s" % (exc, repr(exc)) def test_vet_request_ro(self): @@ -188,6 +191,15 @@ class SecurityTest(unittest.TestCase): extra_args = '-r now', success = 0) + def test_restrict_bug(self): + """Test for bug 14209 --- mkdir outside --restrict arg""" + Myrm('testfiles/output') + self.secure_rdiff_backup('testfiles/various_file_types', + 'testfiles/output', 1, + '--restrict foobar', success = 0) + output = rpath.RPath(Globals.local_connection, 'testfiles/output') + assert not output.lstat() + if __name__ == "__main__": unittest.main() diff --git a/rdiff-backup/testing/server.py b/rdiff-backup/testing/server.py index b5d265d..4dc786f 100755 --- a/rdiff-backup/testing/server.py +++ b/rdiff-backup/testing/server.py @@ -23,10 +23,12 @@ if len(sys.argv) > 2: try: if len(sys.argv) == 2: sys.path.insert(0, sys.argv[1]) import rdiff_backup.Globals + import rdiff_backup.Security from rdiff_backup.connection import * except (OSError, IOError, ImportError): print_usage() raise -#Log.setverbosity(9) +#log.Log.setverbosity(5) +rdiff_backup.Globals.security_level = "override" PipeConnection(sys.stdin, sys.stdout).Server() |