security fix: --restrict-to-path must not accept pathes with same name prefix

bug: --restrict-to-path /foo  erroneously allowed  /foobar.
even worse: --restrict-to-path /foo/  erroneously allowed  /foobar.
Thomas Waldmann 2016-08-02 15:50:21 +02:00
parent 28cbf24815
commit dde18d6a76


@ -120,8 +120,13 @@ class RepositoryServer: # pragma: no cover
path = path[1:]
path = os.path.realpath(os.path.expanduser(path))
if self.restrict_to_paths:
# if --restrict-to-path P is given, we make sure that we only operate in/below path P.
# for the prefix check, it is important that the compared pathes both have trailing slashes,
# so that a path /foobar will NOT be accepted with --restrict-to-path /foo option.
path_with_sep = os.path.join(path, '') # make sure there is a trailing slash (os.sep)
for restrict_to_path in self.restrict_to_paths:
if path.startswith(os.path.realpath(restrict_to_path)):
restrict_to_path_with_sep = os.path.join(os.path.realpath(restrict_to_path), '') # trailing slash
if path_with_sep.startswith(restrict_to_path_with_sep):
break
else:
raise PathNotAllowed(path)
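Review bot: The corrected prefix check sits inline in a method of `RepositoryServer`, which the hunk header shows is marked `# pragma: no cover`, so nothing visible on this page pins the fixed behaviour with a regression test. Since this comparison is the access-control boundary for `--restrict-to-path`, I would move it into a small module-level helper and test the two cases from the commit message (`/foo` vs `/foobar`, `/foo/` vs `/foobar`) plus the allowed ones (`/foo` itself and `/foo/bar`). The helper name below is only a suggestion, and its behaviour is meant to be identical to the new loop. The enclosing method starts before the hunk and may continue after it.

```python
def path_is_allowed(path, restrict_to_paths):
    """Return True if the resolved *path* equals or lies below one of restrict_to_paths."""
    # Compare with a trailing os.sep on both sides so /foobar never matches /foo.
    path_with_sep = os.path.join(path, '')
    return any(
        path_with_sep.startswith(os.path.join(os.path.realpath(allowed), ''))
        for allowed in restrict_to_paths
    )

# … unchanged: path = os.path.realpath(os.path.expanduser(path)) …
if self.restrict_to_paths and not path_is_allowed(path, self.restrict_to_paths):
    raise PathNotAllowed(path)
```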