~azzar1/unity/add-show-desktop-key

Viewing changes to setup.py

Committer: mattgiuca
Date: 2007-12-21 00:10:32 UTC
Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:110

setup.py: Added to trampoline/conf.h an "allowed_uids" array. Asks the user
for a single allowed UID.
trampoline/trampoline.c: Checks this array against the current UID who called
the program, and exits early unless the UID is root, or on the whitelist.

files modified:
setup.py

trampoline/trampoline.c

Show diffs side-by-side

added added

removed removed

setup.py

219

jail_base = query_user(

220

"""Root directory where user files are stored (on the local file system):

221

(eg. "/home/informatics/jails")""")

222

allowed_uid = query_user(

223

"""UID of the web server process which will run IVLE.

224

Only this user may execute the trampoline. You can configure multiple users

225

by manually editing conf.h.

226

(eg. "1002")""")

227

228

# Error handling on input values

229

230

try:

231

allowed_uid = int(allowed_uid)

232

except ValueError:

233

print >>sys.stderr, "Invalid UID (%s)." % allowed_uid

234

return 1

222

235

223

236

# Write www/conf/conf.py

224

237

250

263

# presented with the login screen.

251

264

default_app = "%s"

252

265

""" % (root_dir, ivle_install_dir, jail_base, default_app))

253

266

254

267

conf.close()

255

268

except IOError, (errno, strerror):

256

269

print "IO error(%s): %s" % (errno, strerror)

275

288

* jail_base or a subdirectory of jail_base.

276

289

277

290

static const char* jail_base = "%s";

278

""" % (jail_base))

291

292

/* Which user IDs are allowed to run the trampoline.

293

* This list should be limited to the web server user.

294

* (Note that root is an implicit member of this list).

295

296

static const int allowed_uids[] = { %d };

297

""" % (jail_base, allowed_uid))

279

298

280

299

conf.close()

281

300

except IOError, (errno, strerror):

Older »