Roxen.git / server / modules / filesystems / filesystem.pike

version» Context lines:

Roxen.git/server/modules/filesystems/filesystem.pike:1:   // This is a roxen module. (c) Informationsv√§varna AB 1996.      // This is a virtual "file-system".   // It will be located somewhere in the name-space of the server.   // Also inherited by some of the other filesystems.    - string cvs_version= "$Id: filesystem.pike,v 1.19 1997/08/12 06:32:17 per Exp $"; + string cvs_version= "$Id: filesystem.pike,v 1.20 1997/08/12 19:47:54 grubba Exp $";      #include <module.h>   #include <roxen.h>   #include <stat.h>      #if DEBUG_LEVEL > 20   # ifndef FILESYSTEM_DEBUG   # define FILESYSTEM_DEBUG   # endif   #endif
Roxen.git/server/modules/filesystems/filesystem.pike:125:   }      string query_location()   {    return QUERY(mountpoint);   }         mixed stat_file( mixed f, mixed id )   { +  object privs; +  +  if (((int)id->misc->uid) && ((int)id->misc->gid) && +  (QUERY(access_as_user))) { +  // NB: Root-access is prevented. +  privs=((program)"privs")("Getting file", (int)id->misc->uid, +  (int)id->misc->gid ); +  }    if(!stat_cache)    return file_stat(path + f); /* No security currently in this function */    array fs;    if(!id->pragma["no-cache"]&&(fs=cache_lookup("stat_cache",path+f)))    return fs;    fs = file_stat(path+f);    cache_set("stat_cache",path+f,fs);    return fs;   }   
Roxen.git/server/modules/filesystems/filesystem.pike:155:    if(f[0]=='.' && !QUERY(.files)) return 0;    if(!QUERY(tilde) && backup_extension(f)) return 0;    return 1;   }      array find_dir( string f, object id )   {    mixed ret;    array dir;    +  object privs; +  +  if (((int)id->misc->uid) && ((int)id->misc->gid) && +  (QUERY(access_as_user))) { +  // NB: Root-access is prevented. +  privs=((program)"privs")("Getting file", (int)id->misc->uid, +  (int)id->misc->gid ); +  } +     if(!(dir = get_dir( path + f )))    return 0;    -  +  privs = 0; +     if(!QUERY(dir))    // Access to this dir is allowed.    if(search(dir, ".www_browsable") == -1)    {    errors++;    return 0;    }       // Access to this dir is not allowed.    if(sizeof(dir & ({".nodiraccess",".www_not_browsable",".nodir_access"})))
Roxen.git/server/modules/filesystems/filesystem.pike:285:       if(!id->misc->internal_get && QUERY(.files)    && (tmp = (id->not_query/"/")[-1])    && tmp[0] == '.')    return 0;       object privs;       if (((int)id->misc->uid) && ((int)id->misc->gid) &&    (QUERY(access_as_user))) { +  // NB: Root-access is prevented.    privs=((program)"privs")("Getting file", (int)id->misc->uid,    (int)id->misc->gid );    }       o = open( f, "r" );       privs = 0;       if(!o || (QUERY(no_symlinks) && (contains_symlinks(path, oldf))))    {
Roxen.git/server/modules/filesystems/filesystem.pike:326:    }       if(QUERY(check_auth) && (!id->auth || !id->auth[0]))    return http_auth_required("foo",    "<h1>Permission to 'PUT' files denied</h1>");    puts++;       object privs;       if (((int)id->misc->uid) && ((int)id->misc->gid)) { +  // NB: Root-access is prevented.    privs=((program)"privs")("Saving file", (int)id->misc->uid,    (int)id->misc->gid );    }       if (QUERY(no_symlinks) && (contains_symlinks(path, oldf))) {    errors++;    report_error("Creation of " + f + " failed. Permission denied.\n");    return http_low_answer(403, "<h2>Permission denied.</h2>");    }   
Roxen.git/server/modules/filesystems/filesystem.pike:384:    if (QUERY(no_symlinks) && (contains_symlinks(path, oldf))) {    errors++;    report_error("Deletion of " + f + " failed. Permission denied.\n");    return http_low_answer(403, "<h2>Permission denied.</h2>");    }       report_notice("DELETING the file "+f+"\n");    accesses++;       if (((int)id->misc->uid) && ((int)id->misc->gid)) { +  // NB: Root-access is prevented.    privs=((program)"privs")("Deleting file", id->misc->uid, id->misc->gid );    }       if(!rm(f))    {    id->misc->error_code = 405;    return 0;    }    deletes++;    return http_low_answer(200,(f+" DELETED from the server"));