author | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-06-02 11:47:01 +0000 |
---|---|---|
committer | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-06-02 11:47:01 +0000 |
commit | b4d8eccb0ef06eee437dd873c8a8fe5751cbcef8 (patch) | |
tree | 60e00b63cadf7e828c93eb2c27439180aa08375a | |
parent | 2c0c9692dd4efef01f6f65bb31d1ef2d159633e6 (diff) | |
Marcus Povey <marcus@dushka.co.uk>
* Privileged path check to privileged function execution.
... i really don't like this exception stuff. I think it would be better to say that you can't access stuff you can't access.
git-svn-id: https://code.elgg.org/elgg/trunk@767 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | engine/lib/elgglib.php | 50 | ||||
-rw-r--r-- | engine/schema/mysql.sql | 6 |
2 files changed, 28 insertions, 28 deletions
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index b2defab52..fc7627888 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -1123,13 +1123,9 @@
 */ function execute_privileged_codeblock($function, array $params = null) { - // Test to see if we can actually execute code + // Test to see if we can actually execute code by calling any other functions if (trigger_event("execute_privileged_codeblock", "all")) { - - - // Elevate privilege - // Execute $result = null; 
@@ -1138,43 +1134,41 @@ else $result = $function($params); - // return privilege - - // Return value return $result; } - else - throw new SecurityException("Denied access to execute privileged code block"); + + throw new SecurityException("Denied access to execute privileged code block"); } /** * Validate that a given path has privileges to execute a piece of privileged code. + * + * TODO: Is this safe to execute as an event? */ function epc_validate_path($event, $object_type, $object) { + global $CONFIG; + + // Get a list of paths + $callstack = debug_backtrace(); + $call_paths = array(); + foreach ($callstack as $call) + $call_paths[] = sanitise_string($call['path']); + + // Get privileged paths + $paths = get_data("SELECT * from {$CONFIG->dbprefix}privileged_paths"); + foreach ($paths as $p) + { + if (in_array($CONFIG->path . "$p", $call_paths)) + return true; + } + return false; } /// Register path evaluator - //register_event_handler('execute_privileged_codeblock', 'all', 'epc_validate_path', 1); - + register_event_handler('execute_privileged_codeblock', 'all', 'epc_validate_path', 1); - - // get admin user funciton - - // register privileged code block - - - // check for plugin function - use reflection to make sure that function is permitted to execute code as privileged - // Ensure that function can only be called from same dir tree -- compare where i'm called from to where function is. - // check for user function - - // execute privileged code block - // trigger check event - // if ok then - // swap user - // execute - // swap user ?>
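Review bot: In `epc_validate_path` the loop reads `$call['path']`, but `debug_backtrace()` frames give the caller's location under `file` (and not every frame has one), so `$call_paths` never holds a usable file path and no privileged path can match. The comparison also interpolates the whole row as `"$p"`; the schema added in this commit names the column `path`, so the value presumably has to come from `$p->path` (assuming `get_data` returns row objects). I would write `if (isset($call['file'])) $call_paths[] = $call['file'];` and `if (in_array($CONFIG->path . $p->path, $call_paths, true)) return true;`, and drop `sanitise_string` here because the value is compared, not sent to the database. Since this commit registers the handler, every `execute_privileged_codeblock` call now depends on it, so a guard for an empty or failed `get_data` result before the `foreach` is worth adding as well.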
\ No newline at end of file
diff --git a/engine/schema/mysql.sql b/engine/schema/mysql.sql
index b4cb6ebf2..874720f3d 100644
--- a/engine/schema/mysql.sql
+++ b/engine/schema/mysql.sql
@@ -248,3 +248,9 @@ CREATE TABLE `prefix_system_log` (
 PRIMARY KEY (`id`)
);
+-- Privileged paths, added to by the admin panel
+CREATE TABLE `prefix_privileged_paths` (
+ `path` varchar(128) NOT NULL,
+
+ PRIMARY KEY (`path`)
+);
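Review bot: The comment on `prefix_privileged_paths` does not say what form a `path` value takes, and this table is the allowlist that `epc_validate_path` in `engine/lib/elgglib.php` consults before privileged code runs. That code prepends `$CONFIG->path` and compares for exact equality, so I would extend the comment to something like `-- Privileged paths, relative to the install root; matched exactly against the calling file. Added to by the admin panel`. It is also worth confirming that `varchar(128)` is long enough, because on a non-strict MySQL server an over-long value is truncated on insert rather than rejected.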