xenofem/python-zulip-api
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

bots: Audit filesystem access.

Browse source 
This adds a safe function for opening files via
ExternalBotHandler. This restricts open calls to a bot's
local directory.

Finalizes #9
This commit is contained in:
derAnfaenger 2017-07-25 16:04:38 +02:00
parent e619c19b36
commit f3eaa381f6
2 changed files with 19 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
zulip_bots/zulip_bots/lib.py
View file

@ -47,12 +47,13 @@ class RateLimit(object):
sys.exit(1) sys.exit(1)
class ExternalBotHandler(object): class ExternalBotHandler(object):
def __init__(self, client): def __init__(self, client, root_dir):
# type: (Client) -> None # type: (Client, string) -> None
# Only expose a subset of our Client's functionality # Only expose a subset of our Client's functionality
user_profile = client.get_profile() user_profile = client.get_profile()
self._rate_limit = RateLimit(20, 5) self._rate_limit = RateLimit(20, 5)
self._client = client self._client = client
self._root_dir = root_dir
try: try:
self.full_name = user_profile['full_name'] self.full_name = user_profile['full_name']
self.email = user_profile['email'] self.email = user_profile['email']
@ -106,6 +107,16 @@ class ExternalBotHandler(object):
raise raise
return dict(config.items(section)) return dict(config.items(section))
def open(self, filepath):
# type: (str) -> None
filepath = os.path.normpath(filepath)
abs_filepath = os.path.join(self._root_dir, filepath)
if abs_filepath.startswith(self._root_dir):
return open(abs_filepath)
else:
raise PermissionError("Cannot open file \"{}\". Bots may only access "
"files in their local directory.".format(abs_filepath))
class StateHandler(object): class StateHandler(object):
def __init__(self): def __init__(self):
# type: () -> None # type: () -> None
@ -136,7 +147,8 @@ def run_message_handler_for_bot(lib_module, quiet, config_file, bot_name):
# #
# Make sure you set up your ~/.zuliprc # Make sure you set up your ~/.zuliprc
client = Client(config_file=config_file, client="Zulip{}Bot".format(bot_name.capitalize())) client = Client(config_file=config_file, client="Zulip{}Bot".format(bot_name.capitalize()))
restricted_client = ExternalBotHandler(client) bot_dir = os.path.dirname(lib_module.__file__)
restricted_client = ExternalBotHandler(client, bot_dir)
message_handler = lib_module.handler_class() message_handler = lib_module.handler_class()
if hasattr(message_handler, 'initialize'): if hasattr(message_handler, 'initialize'):

6
zulip_botserver/zulip_botserver/server.py
View file

@ -1,6 +1,7 @@
from __future__ import absolute_import from __future__ import absolute_import
from __future__ import print_function from __future__ import print_function
import os
import sys import sys
import json import json
import optparse import optparse
@ -47,12 +48,13 @@ def handle_bot(bot):
# type: (str) -> Union[str, BadRequest] # type: (str) -> Union[str, BadRequest]
if bot not in available_bots: if bot not in available_bots:
return BadRequest("requested bot service {} not supported".format(bot)) return BadRequest("requested bot service {} not supported".format(bot))
client = Client(email=bots_config[bot]["email"], client = Client(email=bots_config[bot]["email"],
api_key=bots_config[bot]["key"], api_key=bots_config[bot]["key"],
site=bots_config[bot]["site"]) site=bots_config[bot]["site"])
try: try:
restricted_client = ExternalBotHandler(client) bot_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)),
'bots', bot)
restricted_client = ExternalBotHandler(client, bot_dir)
except SystemExit: except SystemExit:
return BadRequest("Cannot fetch user profile for bot {}, make sure you have set up the flaskbotrc " return BadRequest("Cannot fetch user profile for bot {}, make sure you have set up the flaskbotrc "
"file correctly.".format(bot)) "file correctly.".format(bot))