Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CC-2480: media-monitor needs to ensure permissions before importing

Browse source 
-fixed
This commit is contained in:
martin 2011-07-08 17:03:49 -04:00
parent 04e4eb7fc1
commit 98173d5e53
2 changed files with 21 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

9
python_apps/media-monitor/airtimefilemonitor/airtimenotifier.py
View file

@ -66,13 +66,10 @@ class AirtimeNotifier(Notifier):
elif m['event_type'] == "new_watch": elif m['event_type'] == "new_watch":
mm = self.proc_fun() mm = self.proc_fun()
if mm.has_correct_permissions(m['directory']): self.logger.info("AIRTIME NOTIFIER add watched folder event " + m['directory'])
self.logger.info("AIRTIME NOTIFIER add watched folder event " + m['directory']) self.walk_newly_watched_directory(m['directory'])
self.walk_newly_watched_directory(m['directory'])
mm.watch_directory(m['directory']) mm.watch_directory(m['directory'])
else:
self.logger.warn("filepath '%s' has does not have sufficient read permissions. Ignoring.", full_filepath)
elif m['event_type'] == "remove_watch": elif m['event_type'] == "remove_watch":
watched_directory = m['directory'].encode('utf-8') watched_directory = m['directory'].encode('utf-8')

23
python_apps/media-monitor/airtimefilemonitor/airtimeprocessevent.py
View file

@ -75,12 +75,25 @@ class AirtimeProcessEvent(ProcessEvent):
else: else:
return False return False
#file needs to be readable by all users, and directories #check if file is readable by "nobody"
#up to this file needs to be readable AND executable by all
#users.
def has_correct_permissions(self, filepath): def has_correct_permissions(self, filepath):
st = os.stat(filepath) #drop root permissions and become "nobody"
return bool(st.st_mode & stat.S_IROTH) os.seteuid(65534)
try:
open(filepath)
readable = True
except IOError:
self.logger.warn("File does not have correct permissions: '%s'", filepath)
readable = False
except Exception, e:
self.logger.error("Unexpected exception thrown: %s", e)
readable = False
finally:
#reset effective user to root
os.seteuid(0)
return readable
def set_needed_file_permissions(self, item, is_dir): def set_needed_file_permissions(self, item, is_dir):