authorbwarsaw <>2004-12-28 00:38:22 +0000
committerbwarsaw <>2004-12-28 00:38:22 +0000
commit5bb4d0e6b6ab4bbffa370154702526c9db7d4e92 (patch)
tree5a8a8a61b6cac607d97033803faeabfb1f674a14 /scripts/driver
parent85b5775abadcf6c543a66acb44b6acf7210ed8bb (diff)
Close a potential cross-site scripting hole, discovered by Florian Weimer.
Initial patch provided by Florian, modified by Barry. Also, turn STEALTH_MODE on by default. Most sites won't change this value from its default, so we might as well use the more secure option. Also, if STEALTH_MODE is turned off, but the websafe() function can't be imported, turn STEALTH_MODE back on.
Diffstat (limited to '')
-rw-r--r--scripts/driver28
1 files changed, 23 insertions, 5 deletions
diff --git a/scripts/driver b/scripts/driver
index 99958314..cf14093e 100644
--- a/scripts/driver
+++ b/scripts/driver
@@ -1,6 +1,6 @@
# -*- python -*-
-# Copyright (C) 1998-2003 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2004 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -28,7 +28,11 @@ import sys
# comfortable with. By setting STEALTH_MODE to 1, you disable the printing of
# this information to the web pages. This information is still, and always,
# printed in the error logs.
-STEALTH_MODE = 0
+STEALTH_MODE = 1
+
+# This will be set to the entity escaper.
+def websafe(s):
+ return s
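Review bot: The placeholder `websafe` added here is an identity function, so the comment `# This will be set to the entity escaper.` overstates it: nothing in this hunk rebinds it, and if the real escaper is never imported (STEALTH_MODE left on, or the import in run_main fails) every call site prints its argument unescaped. Suggest `# Identity placeholder: run_main() rebinds this to Mailman.Utils.websafe only when STEALTH_MODE is off. Until then it escapes nothing, so any output carrying request data must stay gated by STEALTH_MODE.` The same dependency applies to the callers in the run_main and print_environment hunks below.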
@@ -53,12 +57,22 @@ STEALTH_MODE = 0
def run_main():
+ global STEALTH_MODE, websafe
+
# These will ensure that even if something between now and the
# creation of the real logger below fails, we can still get
# *something* meaningful.
logger = None
try:
import paths
+ # When running in non-stealth mode, we need to escape entities,
+ # otherwise we're vulnerable to cross-site scripting attacks.
+ try:
+ if not STEALTH_MODE:
+ from Mailman.Utils import websafe
+ except:
+ STEALTH_MODE = 1
+ raise
# Map stderr to a logger, if possible.
from Mailman.Logging.StampedLogger import StampedLogger
logger = StampedLogger('error',
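Review bot: `import paths` on the new side sits outside the inner try, so if it fails STEALTH_MODE keeps its configured value while `websafe` is still the identity placeholder, and the outer handler (outside this hunk) would then build the error page without escaping. Moving `import paths` to the first line of the inner `try:` block, directly above `if not STEALTH_MODE:`, makes the fallback cover that failure too. The bare `except:` is defensible here only because it re-raises; a comment such as `# Force stealth mode before re-raising so the error page never prints unescaped data.` would record that intent. run_main's body continues past the end of the hunk.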
@@ -140,11 +154,13 @@ please email a copy of this page to the webmaster for this site with
a description of what happened. Thanks!
<h4>Traceback:</h4><p><pre>'''
+ exc_info = sys.exc_info()
if traceback:
- traceback.print_exc(file=sys.stdout)
+ for line in traceback.format_exception(*exc_info):
+ print websafe(line),
else:
print '[failed to import module traceback]'
- print '[exc: %s, var: %s]' % sys.exc_info()[0:2]
+ print '[exc: %s, var: %s]' % [websafe(x) for x in exc_info[0:2]]
print '\n\n</pre></body>'
else:
print '''<p>Please inform the webmaster for this site of this
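Review bot: The right-hand operand of `%` on the new `print '[exc: %s, var: %s]' % [...]` line is a list, and string formatting treats a list as a single value, so this line raises TypeError (not enough arguments) in the very branch it is meant to handle; the original passed a tuple. Use a tuple and stringify first, since the elements are an exception class and instance rather than text: `print '[exc: %s, var: %s]' % (websafe(str(exc_info[0])), websafe(str(exc_info[1])))`. Whether websafe accepts non-string input depends on Mailman.Utils, which is not in this diff. The enclosing function starts and ends outside the hunk.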
@@ -212,7 +228,9 @@ def print_environment(logfp=None):
'''
if os:
for k, v in os.environ.items():
- print '<tr><td><tt>', k, '</tt></td><td>', v, '</td></tr>'
+ print '<tr><td><tt>', websafe(k), \
+ '</tt></td><td>', websafe(v), \
+ '</td></tr>'
print '</table>'
else:
print '<p><hr>[failed to import module os]'
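Review bot: The new three-line `print` with backslash continuations interleaves markup and escaped values, which is harder to read and review than a single format string: `print '<tr><td><tt>%s</tt></td><td>%s</td></tr>' % (websafe(k), websafe(v))`. Output is identical, and escaping both key and value is right since CGI environment entries are derived from the request. print_environment's signature appears only in the hunk header; its body starts before the hunk.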