Fossil

Check-in [7ba10f1a6a]
Login

Check-in [7ba10f1a6a]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:When the "http" command is run as root, automatically set up a chroot jail and drop root privileges prior to reading any input.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 7ba10f1a6ae0d828af9250e257e162a6c5ffc4c4
User & Date: drh 2009-08-31 00:48:44.000
Context
2009-09-02
03:14
Make headings look prettier when using text-based www clients like "elinks". ... (check-in: 449094a8ff user: bch tags: trunk)
2009-08-31
00:48
When the "http" command is run as root, automatically set up a chroot jail and drop root privileges prior to reading any input. ... (check-in: 7ba10f1a6a user: drh tags: trunk)
00:09
When listing the history of a file, show the check-in associated with each new version of that file. ... (check-in: 96c1043c61 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/main.c. 
25
26
27
28
29
30
31



32
33
34
35
36
37
38

** program is invoked.
*/
#include "config.h"
#include "main.h"
#include <string.h>
#include <time.h>
#include <fcntl.h>




#if INTERFACE

/*
** Number of elements in an array
*/
#define count(X)  (sizeof(X)/sizeof(X[0]))








>
>
>








25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

** program is invoked.
*/
#include "config.h"
#include "main.h"
#include <string.h>
#include <time.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>


#if INTERFACE

/*
** Number of elements in an array
*/
#define count(X)  (sizeof(X)/sizeof(X[0]))

678
679
680
681
682
683
684



















685
686
687
688
689
690
691

** repository.
*/
void cmd_http(void){
  const char *zIpAddr;
  if( g.argc!=2 && g.argc!=3 && g.argc!=6 ){
    cgi_panic("no repository specified");
  }



















  g.cgiPanic = 1;
  g.fullHttpReply = 1;
  if( g.argc==6 ){
    g.httpIn = fopen(g.argv[3], "rb");
    g.httpOut = fopen(g.argv[4], "wb");
    zIpAddr = g.argv[5];
  }else{








>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>








681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713

** repository.
*/
void cmd_http(void){
  const char *zIpAddr;
  if( g.argc!=2 && g.argc!=3 && g.argc!=6 ){
    cgi_panic("no repository specified");
  }
#if !defined(__MINGW32__)
  if( g.argc==3 && getuid()==0 ){
    int i;
    char *zRepo = g.argv[2];
    struct stat sStat;
    for(i=strlen(zRepo)-1; i>0 && zRepo[i]!='/'; i--){}
    if( zRepo[i]=='/' ){
      zRepo[i] = 0;
      chdir(g.argv[2]);
      chroot(g.argv[2]);
      g.argv[2] = &zRepo[i+1];
    }
    if( stat(g.argv[2], &sStat)!=0 ){
      fossil_fatal("cannot stat() repository: %s", g.argv[2]);
    }
    setgid(sStat.st_gid);
    setuid(sStat.st_uid);
  }
#endif
  g.cgiPanic = 1;
  g.fullHttpReply = 1;
  if( g.argc==6 ){
    g.httpIn = fopen(g.argv[3], "rb");
    g.httpOut = fopen(g.argv[4], "wb");
    zIpAddr = g.argv[5];
  }else{
Changes to src/style.c. 
408
409
410
411
412
413
414



415
416
417
418
419

}

/*
** WEBPAGE: test_env
*/
void page_test_env(void){
  style_header("Environment Test");



  @ g.zBaseURL = %h(g.zBaseURL)<br>
  @ g.zTop = %h(g.zTop)<br>
  cgi_print_all();
  style_footer();
}








>
>
>






408
409
410
411
412
413
414
415
416
417
418
419
420
421
422

}

/*
** WEBPAGE: test_env
*/
void page_test_env(void){
  style_header("Environment Test");
#if !defined(__MINGW32__)
  @ uid=%d(getuid()), gid=%d(getgid())<br>
#endif
  @ g.zBaseURL = %h(g.zBaseURL)<br>
  @ g.zTop = %h(g.zTop)<br>
  cgi_print_all();
  style_footer();
}