libs/web: Add additional sanity checks to session mechanism

Steven Barth 2008-08-11 10:43:31 +00:00
parent 673b4e1698
commit f83bb9996b


@ -45,14 +45,16 @@ end
--- Prepare session storage by creating the session directory. --- Prepare session storage by creating the session directory.
function prepare() function prepare()
luci.fs.mkdir(sessionpath) luci.fs.mkdir(sessionpath)
luci.fs.chmod(sessionpath, "a-rwx,u+rwx") if not luci.fs.chmod(sessionpath, "a-rwx,u+rwx") then
error("Security Exception: Session path is not sane!")
end
end end
--- Read a session and return its content. --- Read a session and return its content.
-- @param id Session identifier -- @param id Session identifier
-- @return Session data -- @return Session data
function read(id) function read(id)
if not id then if not id or not sane() then
return return
end end
clean() clean()
@ -60,11 +62,18 @@ function read(id)
end end
--- Check whether Session environment is sane.
-- @return Boolean status
function sane()
return luci.fs.stat(sessionpath, "mode") == "rwx------"
end
--- Write session data to a session file. --- Write session data to a session file.
-- @param id Session identifier -- @param id Session identifier
-- @param data Session data -- @param data Session data
function write(id, data) function write(id, data)
if not luci.fs.stat(sessionpath) then if not sane() then
prepare() prepare()
end end
luci.fs.writefile(sessionpath .. "/" .. id, data) luci.fs.writefile(sessionpath .. "/" .. id, data)
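Review bot: The new `sane()` compares only the permission string, so a session directory that already exists under a different owner still passes once its mode reads `rwx------`. If the process runs with enough privilege, the `chmod` in `prepare()` succeeds on such a directory, and `write()` then stores session data where that other owner can read or replace it. `sane()` should also require `luci.fs.stat(sessionpath, "uid")` to equal the uid the process runs as, and `prepare()` should raise the same "Security Exception" error when that check fails. Separately, `write()` still joins `id` into the path unchanged (`sessionpath .. "/" .. id`); if the identifier can come from the client, it should be restricted to an alphanumeric pattern such as `id:match("^%w+$")` before use. The bodies of `read()` and `write()` continue outside the hunks shown.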