rpms / python-jinja2

Clone
Source Code
GIT

Files

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-extras c8 c8-beta c8-beta-stream-2.7 c8-beta-stream-3.8 c8-stream-2.7 c8-stream-3.8 c8s c8s-stream-2.7 c8s-stream-3.8 c9 c9-beta c9s-sig-cloud-openstack-caracal c9s-sig-cloud-openstack-dalmatian c9s-sig-storage-ceph-pacific
  1.   c7-beta
  2.   SOURCES
  3.   python-jinja2-fix-CVE-2014-0012.patch
Blob Blame History Raw 
diff --git a/jinja2/bccache.py b/jinja2/bccache.py
index 09ff845..c31a905 100644
--- a/jinja2/bccache.py
+++ b/jinja2/bccache.py
@@ -16,6 +16,7 @@
 """
 from os import path, listdir
 import os
+import stat
 import sys
 import errno
 import marshal
@@ -230,6 +231,14 @@ class FileSystemBytecodeCache(BytecodeCache):
             if e.errno != errno.EEXIST:
                 raise
 
+        if os.lstat(actual_dir).st_uid != os.getuid():
+            raise RuntimeError('Someone else owns temp directory with your '
+                               'uid. You need to explicitly provide another.')
+
+        if stat.S_IMODE(os.lstat(actual_dir).st_mode) != 448:
+            raise RuntimeError('Bad permission flags on temp directory, '
+                               'shoud be 0700. You need to fix this.')
+
         return actual_dir
 
     def _get_cache_filename(self, bucket):

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation