Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
erp5
Commits
96431983
Commit
96431983
authored
Nov 06, 2012
by
Vincent Pelletier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Provide a Restricted-friendly zipfile module.
parent
152b5f10
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
92 additions
and
0 deletions
+92
-0
product/ERP5Type/ZipFile.py
product/ERP5Type/ZipFile.py
+73
-0
product/ERP5Type/patches/Restricted.py
product/ERP5Type/patches/Restricted.py
+19
-0
No files found.
product/ERP5Type/ZipFile.py
0 → 100644
View file @
96431983
##############################################################################
#
# Copyright (c) 2012 Nexedi SARL and Contributors. All Rights Reserved.
# Vincent Pelletier <vincent@nexedi.com>
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsability of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# garantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
"""
Restricted zipfile module.
From restricted python, use "import zipfile" (see patches/Restricted.py).
"""
from
AccessControl
import
allow_class
as
_allow_class
from
zExceptions
import
Unauthorized
import
zipfile
as
_zipfile
BadZipfile
=
_zipfile
.
BadZipfile
_allow_class
(
BadZipfile
)
LargeZipFile
=
_zipfile
.
LargeZipFile
_allow_class
(
LargeZipFile
)
ZIP64_LIMIT
=
_zipfile
.
ZIP64_LIMIT
ZIP_FILECOUNT_LIMIT
=
_zipfile
.
ZIP_FILECOUNT_LIMIT
ZIP_MAX_COMMENT
=
_zipfile
.
ZIP_MAX_COMMENT
ZIP_STORED
=
_zipfile
.
ZIP_STORED
ZIP_DEFLATED
=
_zipfile
.
ZIP_DEFLATED
ZipInfo
=
_zipfile
.
ZipInfo
_allow_class
(
ZipInfo
)
ZipExtFile
=
_zipfile
.
ZipExtFile
_allow_class
(
ZipExtFile
)
def
_disallowed
(
*
args
,
**
kw
):
raise
Unauthorized
def
_zipfile__init__
(
self
,
file
,
mode
=
"r"
,
compression
=
ZIP_STORED
,
allowZip64
=
False
):
if
isinstance
(
file
,
basestring
):
raise
ValueError
(
'"file" must be a file-like object'
)
super
(
self
.
__class__
,
self
).
__init__
(
file
,
mode
=
mode
,
compression
=
compression
,
allowZip64
=
allowZip64
)
_zipfile_dict
=
{
'__init__'
:
_zipfile__init__
,
'write'
:
_disallowed
,
'extract'
:
_disallowed
,
'extractall'
:
_disallowed
,
'printdir'
:
lambda
self
:
None
,
}
ZipFile
=
type
(
'ZipFile'
,
(
_zipfile
.
ZipFile
,
object
),
_zipfile_dict
)
_allow_class
(
ZipFile
)
PyZipFile
=
type
(
'PyZipFile'
,
(
_zipfile
.
PyZipFile
,
object
),
_zipfile_dict
)
_allow_class
(
PyZipFile
)
product/ERP5Type/patches/Restricted.py
View file @
96431983
...
@@ -185,3 +185,22 @@ ModuleSecurityInfo('os.path').declarePublic(
...
@@ -185,3 +185,22 @@ ModuleSecurityInfo('os.path').declarePublic(
# Also allow some handy data properties.
# Also allow some handy data properties.
'sep'
,
'pardir'
,
'curdir'
,
'extsep'
,
'sep'
,
'pardir'
,
'curdir'
,
'extsep'
,
)
)
# Alias modules - only applied to restricted python.
MNAME_MAP
=
{
'zipfile'
:
'Products.ERP5Type.ZipFile'
,
}
for
alias
,
real
in
MNAME_MAP
.
items
():
assert
'.'
not
in
alias
,
alias
# TODO: support this
allow_module
(
real
)
del
alias
,
real
orig_guarded_import
=
safe_builtins
[
'__import__'
]
def
guarded_import
(
mname
,
globals
=
None
,
locals
=
None
,
fromlist
=
None
,
level
=-
1
):
if
mname
in
MNAME_MAP
:
mname
=
MNAME_MAP
[
mname
]
if
not
fromlist
:
# fromlist value is meaningless but required. See __import__ doc.
fromlist
=
[
'__name__'
]
return
orig_guarded_import
(
mname
,
globals
,
locals
,
fromlist
,
level
)
safe_builtins
[
'__import__'
]
=
guarded_import
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment