diff --git a/debian/changelog b/debian/changelog index 83d5882f..a1a6b1bd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,9 @@ alternc (0.9.6.1) stable; urgency=high * Show installation warning only once. Closes: #737 * Make it possible to erase files and directories in file browser. Closes: #1002. * Fix mail accounts creation. Closes: #1003. + * Fix a race condition in update_domains.sh which could allow users to + bypass openbasedir protection when creating domains. Reported by + Jerome Moinet. -- Antoine Beaupré Fri, 12 Jan 2007 15:59:42 -0500 diff --git a/src/basedir_prot.sh b/src/basedir_prot.sh index 64073d1b..d262ed44 100755 --- a/src/basedir_prot.sh +++ b/src/basedir_prot.sh @@ -93,11 +93,7 @@ if [ $# -gt 0 ]; then initial_domain=`init_dom_letter "$i"` dom="/var/alternc/dns/$initial_domain/$i" fi - if [ -e "$dom" ]; then - doms="$doms $dom" - else - echo skipping non-existent domain "$dom" >&2 - fi + doms="$doms $dom" done else doms=`find /var/alternc/dns -type l` diff --git a/src/update_domains.sh b/src/update_domains.sh index 998e9a1a..285fd7b7 100755 --- a/src/update_domains.sh +++ b/src/update_domains.sh @@ -123,11 +123,16 @@ print_user_letter() { add_to_php_override() { local fqdn="$1" - local escaped_fqdn=`echo "$fqdn" | sed 's/\([\*|\.]\)/\\\\\1/g'` - if ! grep -q "^${escaped_fqdn}$" "$CHANGED_PHP_OVERRIDES_TMP_FILE"; then - echo "$fqdn" >> "$CHANGED_PHP_OVERRIDES_TMP_FILE" - fi + /usr/lib/alternc/basedir_prot.sh "$fqdn" >> "$DOMAIN_LOG_FILE" +} + +remove_php_override() { + local fqdn="$1" + local letter=`print_domain_letter $fqdn` + + sed -i "/$fqdn/d" $APACHECONF_DIR/override_php.conf + rm -f $APACHECONF_DIR/$letter/$fqdn } add_to_named_reload() { @@ -235,6 +240,15 @@ add_host() { delete_host "$domain" "$host" + if [ "$host" = "@" -o -z "$host" ]; then + FQDN="$domain" + else + FQDN="$host.$domain" + fi + if [ "$host_type" != "$TYPE_IP" ]; then + add_to_php_override "$FQDN" + fi + if [ "$host_type" = "$TYPE_IP" ]; then ip="$value" else @@ -394,11 +408,10 @@ touch "$LOCK_FILE" DOMAINS_TMP_FILE=`mktemp -t alternc.update_domains.XXXXXX` HOSTS_TMP_FILE=`mktemp -t alternc.update_domains.XXXXXX` RELOAD_ZONES_TMP_FILE=`mktemp -t alternc.update_domains.XXXXXX` -CHANGED_PHP_OVERRIDES_TMP_FILE=`mktemp -t alternc.update_domains.XXXXXX` cleanup() { rm -f "$LOCK_FILE" "$DOMAINS_TMP_FILE" "$HOSTS_TMP_FILE" - rm -f "$RELOAD_ZONES_TMP_FILE" "$CHANGED_PHP_OVERRIDES_TMP_FILE" + rm -f "$RELOAD_ZONES_TMP_FILE" exit 0 } @@ -449,9 +462,6 @@ while read user domain mx are_we_dns are_we_mx action ; do DOMAIN_LETTER=`print_domain_letter "$domain"` USER_LETTER=`print_user_letter "$user"` - add_to_php_override "$domain" - add_to_php_override "www.$domain" - case "$action" in $ACTION_INSERT) if [ "$are_we_dns" = "$YES" ] ; then @@ -499,15 +509,6 @@ IFS=" " while read user domain host value type action; do IFS="$OLD_IFS" - if [ "$host" = "@" -o -z "$host" ]; then - FQDN="$domain" - else - FQDN="$host.$domain" - fi - if [ "$type" != "$TYPE_IP" ]; then - add_to_php_override "$FQDN" - fi - case "$action" in $ACTION_UPDATE | $ACTION_INSERT) add_host "$domain" "$type" "$host" "$value" "$user" @@ -526,11 +527,6 @@ while read user domain host value type action; do done < "$HOSTS_TMP_FILE" IFS="$OLD_IFS" -# Update PHP overrides (basedir protection) -for domain in `cat "$CHANGED_PHP_OVERRIDES_TMP_FILE"`; do - /usr/lib/alternc/basedir_prot.sh "$domain" >> "$DOMAIN_LOG_FILE" -done - # Reload configuration for named and apache RELOAD_ZONES=`cat "$RELOAD_ZONES_TMP_FILE"`