summaryrefslogtreecommitdiff
path: root/portato.py
diff options
context:
space:
mode:
authorNecoro <>2007-10-15 08:54:54 +0000
committerNecoro <>2007-10-15 08:54:54 +0000
commitac3b08b33934c247345673bb8c746ffda17b5a60 (patch)
treecf2985f51e890831189f2dcfc11c27f1b20b64da /portato.py
parentd14f493eaef54c9120d9c24951d82c45a0b51f44 (diff)
downloadportato-ac3b08b33934c247345673bb8c746ffda17b5a60.tar.gz
portato-ac3b08b33934c247345673bb8c746ffda17b5a60.tar.bz2
portato-ac3b08b33934c247345673bb8c746ffda17b5a60.zip
use anonymous pipe instead of socket -- fixes security issue
Diffstat (limited to '')
-rwxr-xr-xportato.py52
1 files changed, 30 insertions, 22 deletions
diff --git a/portato.py b/portato.py
index 765e070..93fc88e 100755
--- a/portato.py
+++ b/portato.py
@@ -14,7 +14,7 @@
from __future__ import with_statement, absolute_import
-import sys, os
+import sys, os, subprocess
import gettext, locale
from optparse import OptionParser
@@ -47,6 +47,9 @@ def main ():
parser.add_option("-e", "--ebuild", action = "store", dest = "ebuild",
help = _("opens the ebuild viewer instead of launching Portato"))
+ parser.add_option("-p", "--pipe", action = "store", dest = "pipe",
+ help = _("file descriptor to use to communicate with the listener (internal use only)"))
+
parser.add_option("-x", "--validate", action = "store", dest = "validate", metavar="PLUGIN",
help = _("validates the given plugin xml instead of launching Portato"))
@@ -58,7 +61,7 @@ def main ():
# evaluate parser's results
if options.check: # run pychecker
- os.environ['PYCHECKER'] = "--limit 50"
+ os.environ['PYCHECKER'] = "--limit 100"
import pychecker.checker
if len(args): # additional arguments overwrite given frontend
@@ -75,9 +78,9 @@ def main ():
print _("'%(frontend)s' should be installed, but cannot be imported. This is definitly a bug. (%(error)s)") % {"frontend": options.frontend, "error": e[0]}
sys.exit(1)
- if options.ebuild:
+ if options.ebuild: # show ebuild
show_ebuild(options.ebuild)
- elif options.validate:
+ elif options.validate: # validate a plugin
from lxml import etree
try:
etree.XMLSchema(file = XSD_LOCATION).assertValid(etree.parse(options.validate))
@@ -90,25 +93,30 @@ def main ():
else:
print _("Validation succeeded.")
return
- elif options.nolistener or os.getuid() == 0:
- listener.set_send()
+
+ elif options.nolistener or os.getuid() == 0: # start GUI
+ if options.pipe:
+ listener.set_send(int(options.pipe))
+ else:
+ listener.set_send()
+
run()
- else: # start listener and start us again in root modus
- pid = os.fork()
- if pid == 0: # start portato in child
- additional = []
- if options.check:
- additional.append("-c")
- if options.frontend:
- additional.extend(["-f", options.frontend])
-
- cmd = SU_COMMAND.split()
- env = os.environ.copy()
- env.update(DBUS_SESSION_BUS_ADDRESS="")
- os.execvpe(cmd[0], cmd+["%s --no-listener %s" % (sys.argv[0], " ".join(additional))], env = env)
-
- else: # start listener
- listener.set_recv()
+
+ else: # start us again in root modus and launch listener
+ read, write = os.pipe()
+ additional = []
+ if options.check:
+ additional.append("--check")
+ if options.frontend:
+ additional.extend(["--frontend", options.frontend])
+
+ # set DBUS_SESSION_BUS_ADDRESS to "" to make dbus work as root ;)
+ env = os.environ.copy()
+ env.update(DBUS_SESSION_BUS_ADDRESS="")
+ cmd = SU_COMMAND.split()
+ subprocess.Popen(cmd+["%s --no-listener --pipe %d %s" % (sys.argv[0], write, " ".join(additional))], env = env, close_fds = False)
+
+ listener.set_recv(read)
if __name__ == "__main__":
main()