| author | bwarsaw | 2000-09-29 00:05:05 +0000 |
|---|---|---|
| committer | bwarsaw | 2000-09-29 00:05:05 +0000 |
| commit | ceddf83bf0000704b4c2c3428db124e88d4a1ee4 (patch) | |
| tree | afb489a2eb004c39366553fb4cb12d9da5c8b7e7 /Mailman/Cgi/roster.py | |
| parent | 8fab2b4ea200b7fbdac7e5f99881f07047ef467c (diff) | |
Fixes for a minor local security hole. Some of the CGI scripts could
bomb with tracebacks if PATH_INFO environment variable wasn't defined.
Fixed this by making them all use Utils.GetPathPieces() and "doing
something sensible" when that returned a false value.
Also, edithtml is now hidden behind a login screen, so there's no need
to enter the list password to edit the html. You can't even get to
the list of files to edit unless you've admin authenticated. Closes
SF bug #114091, Jitterbug PR# 24.
Diffstat (limited to 'Mailman/Cgi/roster.py')
| -rw-r--r-- | Mailman/Cgi/roster.py | 56 |
1 files changed, 25 insertions, 31 deletions
diff --git a/Mailman/Cgi/roster.py b/Mailman/Cgi/roster.py
index 603667e84..22cb305a3 100644
--- a/Mailman/Cgi/roster.py
+++ b/Mailman/Cgi/roster.py
@@ -37,74 +37,68 @@ from Mailman.Logging.Syslog import syslog def main(): doc = htmlformat.HeadlessDocument() + + parts = Utils.GetPathPieces() + if not parts: + error_page('Invalid options to CGI script') + return + + listname = string.lower(parts[0]) + try: + mlist = MailList.MailList(listname, lock=0) + except Errors.MMListError, e: + error_page('No such list <em>%s</em>' % listname) + syslog('error', 'roster: no such list "%s": %s' % (listname, e)) + return + form = cgi.FieldStorage() - list = get_list() bad = "" # These nested conditionals constituted a cascading authentication # check, yielding a - if not list.private_roster: + if not mlist.private_roster: # No privacy. bad = "" else: auth_req = ("%s subscriber list requires authentication." - % list.real_name) + % mlist.real_name) if not form.has_key("roster-pw"): bad = auth_req else: pw = form['roster-pw'].value # Just the admin password is sufficient - check it early. - if not list.ValidAdminPassword(pw): + if not mlist.ValidAdminPassword(pw): if not form.has_key('roster-email'): # No admin password and no user id, nogo. bad = auth_req else: id = form['roster-email'].value - if list.private_roster == 1: + if mlist.private_roster == 1: # Private list - members visible. try: - list.ConfirmUserPassword(id, pw) + mlist.ConfirmUserPassword(id, pw) except (Errors.MMBadUserError, Errors.MMBadPasswordError, Errors.MMNotAMemberError): bad = ("%s subscriber authentication failed." - % list.real_name) + % mlist.real_name) else: # Anonymous list - admin-only visible # - and we already tried admin password, above. bad = ("%s admin authentication failed." 
- % list.real_name) + % mlist.real_name) if bad: doc = error_page_doc(bad) - doc.AddItem(list.GetMailmanFooter()) + doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() sys.exit(0) - replacements = list.GetAllReplacements() - doc.AddItem(list.ParseTags('roster.html', replacements)) + replacements = mlist.GetAllReplacements() + doc.AddItem(mlist.ParseTags('roster.html', replacements)) print doc.Format() -def get_list(): - "Return list or bail out with error page." - list_info = [] - try: - list_info = Utils.GetPathPieces(os.environ['PATH_INFO']) - except KeyError: - pass - if len(list_info) != 1: - error_page("Invalid options to CGI script.") - sys.exit(0) - listname = string.lower(list_info[0]) - try: - mlist = MailList.MailList(listname, lock=0) - mlist.IsListInitialized() - except Errors.MMListError, e: - error_page('No such list <em>%s</em>' % listname) - syslog('error', 'No such list "%s": %s\n' % (listname, e)) - sys.exit(0) - return mlist - + def error_page(errmsg, *args): print apply(error_page_doc, (errmsg,) + args).Format() |
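Review bot: The new `error_page('No such list <em>%s</em>' % listname)` line in main() interpolates `listname` — derived from the request path via `Utils.GetPathPieces()` and `string.lower(parts[0])` — straight into an HTML error document without escaping, so a crafted path is reflected as markup into the response. Since the `cgi` module is already in scope for `cgi.FieldStorage()`, the message can be built as `error_page('No such list <em>%s</em>' % cgi.escape(listname))`; the syslog line should keep the raw value so the log shows what was actually requested. Separately, the removed `get_list()` rejected any path with more than one piece (`len(list_info) != 1`) and called `mlist.IsListInitialized()` inside the try, whereas the replacement only tests `if not parts`, so extra path components are now accepted silently and the initialization check is gone — presumably intentional given the commit message, but worth a comment such as `# Only the first path piece is used as the list name; extra pieces are ignored.` so the relaxation is documented rather than implicit.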
