eperl
view release on metacpan or search on metacpan
eperl_main.c view on Meta::CPAN
/* we can only do a switching if we have euid == 0 (root) */
if (geteuid() == 0) {
fOkSwitch = TRUE;
/* get our real user id (= caller uid) */
uid = getuid();
/* security check: valid caller uid */
pw = getpwuid(uid);
if (SETUID_NEEDS_VALID_CALLER_UID && pw == NULL) {
if (DO_FOR_FAILED_STEP == STOP_AND_ERROR) {
PrintError(mode, source, NULL, NULL, "Invalid UID %d of caller", uid);
CU(EX_OK);
}
else
fOkSwitch = FALSE;
}
else {
/* security check: allowed caller uid */
if (SETUID_NEEDS_ALLOWED_CALLER_UID) {
allow = FALSE;
for (i = 0; allowed_caller_uid[i] != NULL; i++) {
if (isdigit(allowed_caller_uid[i][0]))
pw2 = getpwuid(atoi(allowed_caller_uid[i]));
else
pw2 = getpwnam(allowed_caller_uid[i]);
if (strcmp(pw->pw_name, pw2->pw_name) == 0) {
allow = TRUE;
break;
}
}
if (!allow) {
if (DO_FOR_FAILED_STEP == STOP_AND_ERROR) {
PrintError(mode, source, NULL, NULL, "UID %d of caller not allowed", uid);
CU(EX_OK);
}
else
fOkSwitch = FALSE;
}
}
}
/* security check: valid owner UID */
pw = getpwuid(st.st_uid);
if (SETUID_NEEDS_VALID_OWNER_UID && pw == NULL)
if (DO_FOR_FAILED_STEP == STOP_AND_ERROR) {
PrintError(mode, source, NULL, NULL, "Invalid UID %d of owner", st.st_uid);
CU(EX_OK);
}
else
fOkSwitch = FALSE;
else
uid = pw->pw_uid;
eperl_main.c view on Meta::CPAN
fOkSwitch = FALSE;
else
gid = gr->gr_gid;
/* security check: file has to stay below owner homedir */
if (fOkSwitch && SETUID_NEEDS_BELOW_OWNER_HOME) {
/* preserve current working directory */
cwd2 = getcwd(NULL, 1024);
/* determine physical homedir of owner */
pw = getpwuid(st.st_uid);
if (chdir(pw->pw_dir) == -1) {
if (DO_FOR_FAILED_STEP == STOP_AND_ERROR) {
PrintError(mode, source, NULL, NULL, "Invalid homedir ``%s'' of file owner", pw->pw_dir);
CU(EX_OK);
}
else
fOkSwitch = FALSE;
}
else {
dir_home = getcwd(NULL, 1024);
eperl_main.c view on Meta::CPAN
env = mysetenv(env, "SCRIPT_SRC_URL_DIR", "file://%s", abspath(source));
}
env = mysetenv(env, "SCRIPT_SRC_SIZE", "%d", nBuf);
stat(source, &st);
env = mysetenv(env, "SCRIPT_SRC_MODIFIED", "%d", st.st_mtime);
cp = ctime(&(st.st_mtime));
cp[strlen(cp)-1] = NUL;
env = mysetenv(env, "SCRIPT_SRC_MODIFIED_CTIME", "%s", cp);
env = mysetenv(env, "SCRIPT_SRC_MODIFIED_ISOTIME", "%s", isotime(&(st.st_mtime)));
if ((pw = getpwuid(st.st_uid)) != NULL)
env = mysetenv(env, "SCRIPT_SRC_OWNER", "%s", pw->pw_name);
else
env = mysetenv(env, "SCRIPT_SRC_OWNER", "unknown-uid-%d", st.st_uid);
env = mysetenv(env, "VERSION_INTERPRETER", "%s", ePerl_WebID);
env = mysetenv(env, "VERSION_LANGUAGE", "Perl/%s", AC_perl_vers);
/* optionally run the ePerl preprocessor */
if (fPP) {
/* switch to directory where script stays */
getcwd(cwd, MAXPATHLEN);
mod/Apache/ePerl.pm view on Meta::CPAN
# check if we are allowed to use ePerl
if (not ($r->allow_options & OPT_EXECCGI)) {
$r->log_reason("Apache::ePerl: Option ExecCGI is off in this directory", $filename);
return FORBIDDEN;
}
# determine script file information
@S = stat(_);
$size = $S[7];
$mtime = $S[9];
$owner = (getpwuid($S[4]))[0] || 'UNKNOWN';
# check cache for existing P-code
if (not ( $Cache->{$filename}
and $Cache->{$filename}->{CODE}
and $Cache->{$filename}->{SIZE} == $size
and $Cache->{$filename}->{MTIME} == $mtime
and $Cache->{$filename}->{OWNER} eq $owner)) {
# read script
local ($/) = undef;
$fh = new FileHandle $filename;
( run in 0.253 second using v1.01-cache-2.11-cpan-454fe037f31 )