%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /proc/227033/root/opt/alt/python37/lib/python3.7/site-packages/__pycache__/
Upload File :
Create Path :
Current File : //proc/227033/root/opt/alt/python37/lib/python3.7/site-packages/__pycache__/secureio.cpython-37.pyc

B

`�1b�C�@sZddlmZddlmZddlmZddlZddlZddlZddlZddlm	Z	ddl
mZddlZddl
mZmZmZmZmZmZmZmZmZmZe�d�Zye�d	�ZWnek
r�e�d
�ZYnXeZeZGdd�de�Zee�Zej Z eeege _!ee _"ej#Z#eege#_!ee#_"ej$Z$ege$_!ee$_"ej%Z%ege%_!ee%_"ej&Z&ege&_!de&_"ej'Z'ege'_!ee'_"ej(Z)eege)_!ee)_"egej*_!dej*_"ej+Z+ege+_!ee+_"ej,Z,eeege,_!ee,_"eeeegej-_!eej-_"eeeeegej._!eej._"eeeeeegej/_!eej/_"eeeeegej0_!eej0_"ej1Z1eege1_!ee1_"ej2Z2eege2_!ee2_"d
a3dZ4dZ5dZ6dd�Z(dd�Z7dd�Z8dd�Z*dDdd�Z-dEdd�Z.dFdd�Z/dGdd �Z0dHd!d"�Z9dId$d%�Z:dJd'd(�Z;dKd)d*�Z<dLd+d,�Z=d-d.�Z>d/d0�Z?da@d1d2�ZAe	e5d3�ZBd4d5�ZCdaDdMd6d7�ZEd8d9�ZFdNd:d;�ZGd<d=�ZHd>d?�ZIejJd@dA��ZKejJdBdC��ZLdS)O�)�print_function)�absolute_import)�divisionN)�ClPwd)�drop_user_privileges)
�cdll�c_long�	Structure�c_ushort�c_ubyte�c_char�POINTER�c_int�c_void_p�c_char_pz	libc.so.6zlibsecureio.so.0zliblve.so.0c@s2eZdZdefdefdefdefdedfgZdS)�DIRENTRYZd_inoZd_offZd_reclenZd_type�d_name�N)	�__name__�
__module__�__qualname__�ino_t�off_tr
rrZ_fields_�rr�9/opt/alt/python37/lib/python3.7/site-packages/secureio.pyr#s
rTz/var/log/cagefs-update.logi�FcCst�|tjtjB�S)N)�os�open�O_RDONLY�
O_NOFOLLOW)�pathrrr�open_not_symlink�sr cCst�t|�d�S)N�r)r�fdopenr )rrrr�open_file_not_symlink�sr#cCsdt�|�}t|�}|std��t|�g}x$t|�}|s:P|j}|�|j�q,Wt|�t	|�|S)z:Returns list of entries of directory pointed by descriptorzfdopendir error)
r�dup�	fdopendir�	Exception�	rewinddir�readdir�contents�appendr�closedir)�fdZfd2ZdirpZdirlistZentryp�entryrrr�flistdir�s
r.cCs0|dk	r,yt�|�Wntk
r*YnXdS)N)r�close�OSError)r,rrr�closefd�s
r1cCsL|dkrd}t�|��|||���}|dkr0|S|dk	rH|d|dd�dS)z{Sets permissions to directory (in secure manner)
    Returns descriptor if successful
    Returns None if error has occuredN���rz.Error: failed to set permissions of directory FT)�liblve�set_perm_dir_secure�encode)r�perm�parent_pathr,�loggerrrrr4�sr4cCsN|dkrd}t�|��||||���}|dkr2|S|dk	rJ|d|dd�dS)zSets owner and group of directory (in secure manner)
    Returns descriptor if successful
    Returns None if error has occuredNr2rz(Error: failed to set owner of directory FT)r3�set_owner_dir_securer5)r�uid�gidr7r,r8rrrr9�sr9c	CsP|dkrd}t�|��|||||���}|dkr4|S|dk	rL|d|dd�dS)z�Creates directory if it does not exist, sets permissions/owner otherwise
    Returns descriptor if successful
    Returns None if error has occuredNr2rz#Error : failed to create directory FT)r3�create_dir_securer5)rr6r:r;r7r,r8rrrr<�sr<cCs6t�|��||||���}|r2|r2|d|dd�|S)zeRecursive directory creation function
    Returns 0 if successful
    Returns -1 if error has occuredz#Error : failed to create directory FT)r3�makedirs_securer5)rr6r:r;r7r8Zresrrrr=�sr=c	
Cs�|dkr|dk	s |dk	r(|dkr(td��|dk	o6|dk	}|rFt||�y&t|�}|��}|��|rjt�|Sttfk
r�}z<|r�t�td|dt	|�t
d|�|s��t�d�Wdd}~XYnXdS)z read file not following symlinksNzEread_file_secure: uid and gid should be both null or be both not nullzError: failed to read z : �)
r&�
set_user_permr#�	readlinesr/�
set_root_permr0�IOError�logging�str�SILENT_FLAG�sys�exit)	�filenamer:r;Z
exit_on_error�	write_log�	drop_perm�file_object�content�errr�read_file_secures& 
rN�c
Cstj�|�}|rt||�yttjd|d�\}}	t�|d�}
|
�d�|��|sr|dk	rr|dk	rrt	|||�rrt
d��t||�r�t
d��|
��Wn�t
t
fk
�r:}z�y|
��WnYnXyt�|�WnYnXyt�|	�WnYnX|�rt�td|d	t|��d
d�td|�dSd}~XYnBtk
�rz}z"td
t|�td�t�d�Wdd}~XYnXd}yt�|	|�Wnlt
k
�r�}zLd}td|d	t|�td|�yt�|	�Wnt
k
�r�YnXWdd}~XYnX|�r
t�|S)z!Returns True if error has occuredZcagefs_)�prefix�dir�w�Nz
fchown failedz
fchmod failedzError : failed to write file z : ZErrnozErr codeTzError: r>Fz$Error: failed to rename tempfile to )rr�dirnamer?�tempfile�mkstempr"�write�join�fchownr0�fchmodr/rB�unlinkrArCrD�replacerEr&rFrG�rename)
rLZini_pathr:r;rJr6rI�dirpathr,�	temp_pathrKrM�errorrrr�write_file_secure!s\

&rarScCs�|dk	rt��}t|ddd�tj�|�}d\}}	y>tj|||d�\}}	tj|ddd	��}
|
�|�WdQRXWn|t	t
fk
r�|dks�|	dkr��yt�|�Wnt	t
fk
r�YnXyt�|	�Wnt	t
fk
r�YnX�YnXyt�
|	|�t�|	|�WnHt
t	tfk
�rRyt�|	�Wnt
t	fk
�rJYnX�YnX|dk	�r�t��}t�|�t�t���|d
k�r�t�|�dS)aP
    Safely write string content to a file
    :param content: str
    :param dest_path: str -> path to a file
    :param perm: int -> permissions for the file
    :param prefix: str -> add to temporary file name
    :param suffix: str -> add to temporary file name
    :param as_user: str -> name of the user to drop privileges to
    NTF)Zeffective_or_realZset_env)NN)rP�suffixrQrR�surrogateescape)�errorsr)r�	getgroupsrrrTrUrVr"rWrBr0r/r[�chmodr]�	TypeError�getuid�seteuid�setegid�getgid�	setgroups)rLZ	dest_pathr6rPrbZas_userZ
old_groupsr^r,r_Zf_tempZruidrrr�write_file_via_tempfileXsJ


rmc
CsNyt�|�WnTtfk
rb}z4|rNtdt|�dt|��t�d�ndSWdd}~XYnXt||�}yt�|�WnHtfk
r�}z(|r�td|t|��t�d�ndSWdd}~XYnXyt�	|�WnXtfk
�r,}z6|�rtdt|�dt|��t�d�ndSWdd}~XYnX|dk�r>da
nt��d	a
dS)
Nzfailed to set egid to z: r>r2z'failed to set supplementary groups to :zfailed to set euid to rTF)
rrjr0�print_errorrDrFrG�
get_groupsrlri�	root_flagr3�enable_quota_capability)r:r;rGrM�groupsrrrr?�s4

r?c
Csyt�d�WnFtfk
rT}z&|r@tdt|��t�d�ndSWdd}~XYnXyt�d�WnFtfk
r�}z&|r�tdt|��t�d�ndSWdd}~XYnXtdd�}yt�	|�WnJtfk
�r}z(|r�td|t|��t�d�ndSWdd}~XYnXda
dS)Nrzfailed to set euid to 0 :r>r2z Error: failed to set egid to 0 :z.Error: failed to set supplementary groups to :T)rrir0rnrDrFrGrjrorlrp)rGrMrrrrrrA�s.
rAcGs>tddtjd�x|D]}t|dtjd�qWttjd�dS)NzError:� )�end�file)ru)�printrF�stderr)�args�arrrrn�s
rnc	
Cs�t�}t�}t�}xb|D]Z}||j}xJ|D]B}y||j}Wntk
rTw,YnX||kr,|�||j�q,WqW|�|�t|�S)z$Returns supplementary groups for uid)	�get_grp_dict�get_pwd_dict�setZgr_memZpw_uid�KeyError�addZgr_gid�list)	r:r;�grZpwrr�group�members�userZ
member_uidrrrro�s



rocCs0tdkr,iat��}x|D]}|t|j<qWtS)N)�grp_dict�grpZgetgrallZgr_name)r��linerrrrz�s
rz)Zmin_uidcCst��S)N)�clpwdZ
get_user_dictrrrrr{�sr{c	
Cs�|s|rt|�|r�t}ts,t�\}}t�y@tdkrVt�d�}ttdd�at�|�t�	|�t�	d�Wn@t
tfk
r�}ztdtt
|��t�d�Wdd}~XYnX|s�t||�dS)N�rRr>�
zwriting to )rvrp�get_permrA�log_filer�umaskr�LOGFILErWr0rBrnrDrFrGr?)	�msgZsilent�verboserIZroot_flag_savedr:r;Zumask_savedrMrrrrCs(



rCc
CsZyt��}t��}Wn<tfk
rP}ztdt|��t�d�Wdd}~XYnX||fS)Nzfailed to get (euid,egid)r>)r�geteuid�getegidr0rnrDrFrG)r:r;rMrrrr� sr�cCs|rt��St��S)z�
    Set CAP_SYS_RESOURCE capability

    :param bool clear: Set on if it's true, set off otherwise
    :return: 0 for success, -1 otherwise
    :rtype: int
    )r3�disable_quota_capabilityrq)�clearrrr�set_capability*sr�cCst�|�t�S)a
    Change effective uid of current process and set CAP_SYS_RESOURCE capbality
    to prevent "Disk quota exceeded" error

    :param int euid: User ID to set it as current effective UID
    :return: 0 if capability was set successfuly, -1 otherwise
    :rtype: int
    )rrir�)r:rrr�
change_uid6s	
r�cCs|st��nt��dS)zZ
    Disable quota kernel check to allow us to write
    more than user can by quota.
    N)r3rqr�)�enabledrrr�_set_quota_checks_statusCs
r�c	cs&tdd�z
dVWdtdd�XdS)NF)r�T)r�rrrr�
disable_quotaNs

r�c	cs&t�|�}z
dVWdt�|�XdS)N)rr�)Zumask_valueZsaved_umaskrrr�	set_umaskWs

r�)NN)NN)NN)N)NNTT)TrOT)rSrSN)T)T)FTT)F)MZ
__future__rrrr�rFrU�
contextlibZclcommonrZclcommon.clpwdrrZctypesrrr	r
rrr
rrrZLoadLibraryZlibcr3r0rrrZ
DIRENTRY_PrYZargtypesZrestyperZr%r(r'r+r Z_open_not_symlinkr1Z	check_dir�isdirr4r9r<r=Zget_path_from_descriptorZ	is_subdirrpr�ZMIN_UIDrEr#r.rNrarmr?rArnror�rzr�r{r�rCr�r�r�r��contextmanagerr�r�rrrr�<module>
s�0













8
5
'
"







Zerion Mini Shell 1.0