diff options
author | bwarsaw <> | 2004-12-28 00:38:22 +0000 |
---|---|---|
committer | bwarsaw <> | 2004-12-28 00:38:22 +0000 |
commit | 5bb4d0e6b6ab4bbffa370154702526c9db7d4e92 (patch) | |
tree | 5a8a8a61b6cac607d97033803faeabfb1f674a14 | |
parent | 85b5775abadcf6c543a66acb44b6acf7210ed8bb (diff) | |
download | mailman2-5bb4d0e6b6ab4bbffa370154702526c9db7d4e92.tar.gz mailman2-5bb4d0e6b6ab4bbffa370154702526c9db7d4e92.tar.xz mailman2-5bb4d0e6b6ab4bbffa370154702526c9db7d4e92.zip |
Close a potential cross-site scripting hole, discovered by Florian Weimer.
Initial patch provided by Florian, modified by Barry.
Also, turn STEALTH_MODE on by default. Most sites won't change this value
from its default, so we might as well use the more secure option. Also, if
STEALTH_MODE is turned off, but the websafe() function can't be imported, turn
STEALTH_MODE back on.
-rw-r--r-- | scripts/driver | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/scripts/driver b/scripts/driver index 99958314..cf14093e 100644 --- a/scripts/driver +++ b/scripts/driver @@ -1,6 +1,6 @@ # -*- python -*- -# Copyright (C) 1998-2003 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2004 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -28,7 +28,11 @@ import sys # comfortable with. By setting STEALTH_MODE to 1, you disable the printing of # this information to the web pages. This information is still, and always, # printed in the error logs. -STEALTH_MODE = 0 +STEALTH_MODE = 1 + +# This will be set to the entity escaper. +def websafe(s): + return s @@ -53,12 +57,22 @@ STEALTH_MODE = 0 def run_main(): + global STEALTH_MODE, websafe + # These will ensure that even if something between now and the # creation of the real logger below fails, we can still get # *something* meaningful. logger = None try: import paths + # When running in non-stealth mode, we need to escape entities, + # otherwise we're vulnerable to cross-site scripting attacks. + try: + if not STEALTH_MODE: + from Mailman.Utils import websafe + except: + STEALTH_MODE = 1 + raise # Map stderr to a logger, if possible. from Mailman.Logging.StampedLogger import StampedLogger logger = StampedLogger('error', @@ -140,11 +154,13 @@ please email a copy of this page to the webmaster for this site with a description of what happened. Thanks! <h4>Traceback:</h4><p><pre>''' + exc_info = sys.exc_info() if traceback: - traceback.print_exc(file=sys.stdout) + for line in traceback.format_exception(*exc_info): + print websafe(line), else: print '[failed to import module traceback]' - print '[exc: %s, var: %s]' % sys.exc_info()[0:2] + print '[exc: %s, var: %s]' % [websafe(x) for x in exc_info[0:2]] print '\n\n</pre></body>' else: print '''<p>Please inform the webmaster for this site of this @@ -212,7 +228,9 @@ def print_environment(logfp=None): ''' if os: for k, v in os.environ.items(): - print '<tr><td><tt>', k, '</tt></td><td>', v, '</td></tr>' + print '<tr><td><tt>', websafe(k), \ + '</tt></td><td>', websafe(v), \ + '</td></tr>' print '</table>' else: print '<p><hr>[failed to import module os]' |