D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
proc
/
self
/
root
/
opt
/
cloudlinux
/
venv
/
lib
/
python3.11
/
site-packages
/
lvestats
/
lib
/
commons
/
Filename :
fileutil.py
back
Copy
# coding=utf-8 # # Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2019 All Rights Reserved # # Licensed under CLOUD LINUX LICENSE AGREEMENT # http://cloudlinux.com/docs/LICENSE.TXT import os def open_nofollow(path): """ Open *path* rejecting symlinks at every component, not just the leaf. Uses openat() (via *dir_fd*) to walk each component with O_NOFOLLOW so that an attacker who controls an intermediate directory (e.g. /tmp/lshttpd owned by nobody) cannot substitute it with a symlink. :return: file descriptor (caller must close) :raises: OSError if any component is a symlink or does not exist """ parts = path.lstrip('/').split('/') fd = os.open('/', os.O_RDONLY | os.O_DIRECTORY) try: for component in parts[:-1]: next_fd = os.open( component, os.O_RDONLY | os.O_NOFOLLOW | os.O_DIRECTORY, dir_fd=fd, ) os.close(fd) fd = next_fd result_fd = os.open( parts[-1], os.O_RDONLY | os.O_NOFOLLOW, dir_fd=fd, ) finally: os.close(fd) return result_fd