Sorry for the noob question.
I've just installed mod_ruby.
Trying to create a new file and there is an Insecure operation error.
SomeFile = File.new("someFileName", "w")
What must I do then?
SomeFile = File.new("someFileName", "w")
"someFileName" is probably tainted because it came from the outside. You
must *carefully* verify that it's a valid filename and that you can use
the filename *safely* before trying to untaint it.
Guy Decoux
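An added example, not code from this thread, of the check Guy is asking for: validate a file name component against a strict allow-list before building a path from it, and only then untaint it. Under Ruby 1.6/1.8 with $SAFE >= 1, strings read from CGI parameters or from a file were tainted and File.new refused them with "Insecure operation". $SAFE was removed in Ruby 3.0 and the taint methods in Ruby 3.2, so the untaint call is guarded and the validation is what actually protects the script. The allow-list regexp, the extension table keyed by detected image type, and the Pathname containment check are assumptions of this example, not something the thread's script does.

```ruby
# Added example, not code from the thread: strict validation of a file
# name component before it is used to build a path. Under Ruby 1.6/1.8
# with $SAFE >= 1, strings read from CGI parameters or from a file were
# tainted and File.new refused them with "Insecure operation"; the
# intended fix was to check the value and only then call untaint.
# $SAFE was removed in Ruby 3.0 and the taint methods in 3.2, so the
# untaint call is guarded and the validation is what does the work.
require "pathname"

class UnsafeFilename < ArgumentError; end

# Assumed allow-list: the counter file holds a short run of digits and
# letters (String#succ keeps it that way), so nothing else is accepted.
# No path separators, no ".", no NUL and no whitespace can get through.
SAFE_COMPONENT = /\A[A-Za-z0-9]{1,32}\z/

# Assumed allow-list: the extension is chosen from the detected image
# type, never taken from the client's original file name.
EXTENSIONS = { "jpeg" => ".jpg", "jpg" => ".jpg",
               "png" => ".png", "gif" => ".gif" }.freeze

# Returns a clean, untainted copy of +value+ or raises UnsafeFilename.
def validate_component(value)
  s = value.to_s.strip
  raise UnsafeFilename, "rejected #{value.inspect}" unless SAFE_COMPONENT.match?(s)
  s = s.dup
  s.untaint if s.respond_to?(:untaint) # no-op on 2.7-3.1, absent on >= 3.2
  s
end

def validate_extension(image_type)
  EXTENSIONS.fetch(image_type.to_s.downcase) do
    raise UnsafeFilename, "unsupported image type #{image_type.inspect}"
  end
end

# Joins the validated pieces under +base_dir+ and re-checks that the
# resolved path is still inside it, so a mistake in the allow-list above
# cannot turn into a directory traversal.
def build_image_path(base_dir, counter_value, image_type)
  base = Pathname.new(base_dir).cleanpath
  name = validate_component(counter_value) + validate_extension(image_type)
  path = (base + name).cleanpath
  unless path.to_s.start_with?(base.to_s + File::SEPARATOR)
    raise UnsafeFilename, "#{path} escapes #{base}"
  end
  path.to_s
end
```

Anything the regexp rejects (a "../" prefix, an embedded NUL, a client-chosen extension) fails closed with UnsafeFilename instead of reaching File.new, which is the order Guy describes: verify first, untaint second.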
On Tuesday, February 18, 2003, 14:33, \ wrote:
Trying to create a new file and there is an Insecure operation error.
SomeFile = File.new("someFileName", "w")
What must I do then?
Is the filename from GPC (Get/Post/Cookie) origin?
Hello ts,
"someFileName" is probably tainted because it came from the outside. You
must carefully verify that it's a valid filename and that you can use
the filename safely before trying to untaint it.
"someFileName" is generated by me. All operations are safe.
I am writing some of my own data into this file. How can I permit it?
Hello Idan,
Tuesday, February 18, 2003, 5:45:16 PM, you wrote:
Trying to create a new file and there is an Insecure operation error.
SomeFile = File.new("someFileName", "w")
What must I do then?
Is the filename from GPC (Get/Post/Cookie) origin?
Yup. From POST.
"someFileName" is generated by me. All operations are safe.
I am writing some of my own data into this file. How can I permit it?
What is the value of $SAFE?
How is "someFileName" generated? Can you post the script?
Guy Decoux
Hi,
In message "Re: $SAFE and creating New objects (File)" on 03/02/18, "RayZ" Andrew V Rumm rayz@gloria-jeans.ru writes:
"someFileName" is generated by me. All operations are safe.
I am writing some of my own data into this file. How can I permit it?
Show us the code and exact error messages.
matz.
Can I upload any files elsewhere?
Any examples please?
ts,
What is the value of $SAFE ?
$SAFE → 1
How is "someFileName" generated? Can you post the script?
But... it's too big.
#!/bhome/part2/01/gloria/ruby/bin/ruby
require 'mysql'
require 'cgi'
require 'templates'
require '…/site/global'
require '…/site/image'

cgi = CGI.new
action = cgi['action'][0].read.to_s
ImagesDir = ""

case action
when 'add'
  begin
    category_id = cgi['category'][0].read
    sql = makeSQLconn()
    brand_id = sql.query("select brand_id from g_categories where id = #{category_id}").fetch_hash['brand_id'].to_i
    sql.close
    name = cgi['name'][0].read
    description = cgi['description'][0].read
    if cgi.has_key? 'new'
      new_val = cgi['new'][0].read
      new = new_val == "on" ? 1 : 0
    else
      new = 0
    end
    Imagefile = cgi['image_file'][0].read
    Thumbfile = cgi['thumbnail_file'][0].read
    ImagesDir = DocumentRoot + "/images/models/images/"
    ThumbDir = DocumentRoot + "/images/models/thumbnails/"

    # read the two counters
    ImagecounterFile = File.new(ImagesDir + "count.txt", "r+")
    ThumbcounterFile = File.new(ThumbDir + "count.txt", "r+")
    newImageFilename = ImagecounterFile.read.strip.to_s.succ
    newThumbFilename = ThumbcounterFile.read.strip.to_s.succ
    ImagecounterFile.close()
    ThumbcounterFile.close()

    # write the advanced counters back
    ImagecounterFile = File.new(ImagesDir + "count.txt", "w")
    ThumbcounterFile = File.new(ThumbDir + "count.txt", "w")
    ImagecounterFile.write(newImageFilename)
    ThumbcounterFile.write(newThumbFilename)
    ImagecounterFile.close()
    ThumbcounterFile.close()

    i_type, i_width, i_height, i_extension = []
    t_type, t_width, t_height, t_extension = []
    image = Image::Info.new Imagefile
    thumb = Image::Info.new Thumbfile
    i_type, i_width, i_height, i_extension = image.type, image.width, image.height, image.extension
    t_type, t_width, t_height, t_extension = thumb.type, thumb.width, thumb.height, thumb.extension
    i_path = "/images/models/images/" + newImageFilename + i_extension
    t_path = "/images/models/thumbnails/" + newThumbFilename + t_extension
    newImageF
Can I upload any files elsewhere?
Any examples please?
Well, if you want to speak about multipart form values in cgi, you have in
the documentation

    === GET MULTIPART FORM VALUES

      require "cgi"
      cgi = CGI.new
      values = cgi['field_name']   # <== array of 'field_name'
      values[0].read               # <== body of values[0]
      values[0].local_path         # <== path to local file of values[0]
      values[0].original_filename  # <== original filename of values[0]
      values[0].content_type       # <== content_type of values[0]

and values[0] has StringIO or Tempfile class methods.
Guy Decoux
Well... it's cut off.
Other code doesn't matter.
This is the error message:

/bhome/part2/01/gloria/vcgi/_admin/processmodel.rb:68:in `initialize': Insecure operation - initialize (SecurityError)
        from /bhome/part2/01/gloria/vcgi/_admin/processmodel.rb:68:in `new'
        from /bhome/part2/01/gloria/vcgi/_admin/processmodel.rb:68
        from /bhome/part2/01/gloria/ruby/lib/ruby/1.6/apache/ruby-run.rb:70:in `load'
        from /bhome/part2/01/gloria/ruby/lib/ruby/1.6/apache/ruby-run.rb:70:in `handler'
        from ruby:0

Error at
newImageFile = File.new(ImagesDir + newImageFilename + i_extension, "w")
newImageFilename = ImagecounterFile.read.strip.to_s.succ
newThumbFilename = ThumbcounterFile.read.strip.to_s.succ
These 2 strings are tainted; they are read from a file.
Normally you need a lock, or your counter can have problems.
Guy Decoux
category_id = cgi['category'][0].read
sql = makeSQLconn()
brand_id = sql.query("select brand_id from g_categories where id = #{category_id}").fetch_hash['brand_id'].to_i
sql.close
name = cgi['name'][0].read
description = cgi['description'][0].read
if cgi.has_key? 'new'
  new_val = cgi['new'][0].read
  new = new_val == "on" ? 1 : 0
else
  new = 0
end
Imagefile = cgi['image_file'][0].read
Thumbfile = cgi['thumbnail_file'][0].read
ImagesDir = DocumentRoot + "/images/models/images/"
ThumbDir = DocumentRoot + "/images/models/thumbnails/"

# read the two counters
ImagecounterFile = File.new(ImagesDir + "count.txt", "r+")
ThumbcounterFile = File.new(ThumbDir + "count.txt", "r+")
newImageFilename = ImagecounterFile.read.strip.to_s.succ
newThumbFilename = ThumbcounterFile.read.strip.to_s.succ
ImagecounterFile.close()
ThumbcounterFile.close()

# write the advanced counters back
ImagecounterFile = File.new(ImagesDir + "count.txt", "w")
ThumbcounterFile = File.new(ThumbDir + "count.txt", "w")
ImagecounterFile.write(newImageFilename)
ThumbcounterFile.write(newThumbFilename)
ImagecounterFile.close()
ThumbcounterFile.close()

i_type, i_width, i_height, i_extension = []
t_type, t_width, t_height, t_extension = []
image = Image::Info.new Imagefile
thumb = Image::Info.new Thumbfile
i_type, i_width, i_height, i_extension = image.type, image.width, image.height, image.extension
t_type, t_width, t_height, t_extension = thumb.type, thumb.width, thumb.height, thumb.extension
i_path = "/images/models/images/" + newImageFilename + i_extension
t_path = "/images/models/thumbnails/" + newThumbFilename + t_extension

#-------------- This line causes an error
newImageFile = File.new(ImagesDir + newImageFilename + i_extension, "w")
newThumbFile = File.new(ThumbDir + newThumbFilename + t_extension, "w")
newImageFile.write(Imagefile)
newThumbFile.write(Thumbfile)
newImageFile.close()
newThumbFile.close()
newImageFilename = ImagecounterFile.read.strip.to_s.succ
newThumbFilename = ThumbcounterFile.read.strip.to_s.succ
These 2 strings are tainted; they are read from a file.
Normally you need a lock, or your counter can have problems.
Counter works properly...
Lock?
Hi,
In message "Re: $SAFE and creating New objects (File)" on 03/02/19, "RayZ" Andrew V Rumm rayz@gloria-jeans.ru writes:

/bhome/part2/01/gloria/vcgi/_admin/processmodel.rb:68:in `initialize': Insecure operation - initialize (SecurityError)
        from /bhome/part2/01/gloria/vcgi/_admin/processmodel.rb:68:in `new'
        from /bhome/part2/01/gloria/vcgi/_admin/processmodel.rb:68
        from /bhome/part2/01/gloria/ruby/lib/ruby/1.6/apache/ruby-run.rb:70:in `load'
        from /bhome/part2/01/gloria/ruby/lib/ruby/1.6/apache/ruby-run.rb:70:in `handler'
        from ruby:0

Error at
newImageFile = File.new(ImagesDir + newImageFilename + i_extension, "w")
This implies that either ImagesDir, newImageFilename or i_extension is
tainted. I can't tell further.
matz.
Counter works properly...
Lock?
This is for the case where 2 CGI scripts try to read/write the same counter
file at the same time.
The file can be corrupted; you normally must use a lock.
pigeon% ri File#flock
------------------------------------------------------------- File#flock
file.flock ( aLockingConstant ) -> 0 or false
------------------------------------------------------------------------
Locks or unlocks a file according to aLockingConstant (a logical or
of the values in Table 22.4 on page 312). Returns false if
File::LOCK_NB is specified and the operation would otherwise have
blocked. Not available on all platforms.
File.new("testfile").flock(File::LOCK_UN) #=> 0
pigeon%
Guy Decoux
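An added example, not code from this thread, of the locking Guy recommends: the count.txt counter is read, advanced with String#succ (the operation the posted script uses) and written back while holding an exclusive flock, so two requests cannot both read "41", both write "42" and hand out the same image name. The temporary directory, the starting value and the thread-based demo are constructed for the example; the non-blocking variant shows File::LOCK_NB returning false, as the ri text above describes.

```ruby
# Added example, not code from the thread: the count.txt counter advanced
# under an exclusive flock. Without the lock two CGI processes serving
# uploads at the same time can both read "41", both write "42" and hand
# out the same image name, which is the corruption Guy warns about.
require "tmpdir"

# Reads the current value, advances it with String#succ (as the thread's
# script does) and writes it back through the already-locked handle.
def advance_counter(f, initial)
  current = f.read.strip
  current = initial if current.empty?
  nxt = current.succ
  f.rewind
  f.truncate(0)
  f.write(nxt)
  f.flush
  nxt
end

# Blocking variant. LOCK_EX waits until every other holder has released
# the lock; closing the file at the end of the block releases ours.
# RDWR|CREAT without TRUNC keeps the old value readable until locked.
def next_counter_value(path, initial = "0")
  File.open(path, File::RDWR | File::CREAT, 0o644) do |f|
    f.flock(File::LOCK_EX)
    advance_counter(f, initial)
  end
end

# Non-blocking variant: flock returns false instead of waiting when
# another handle holds the lock, and we hand back nil so the caller can
# retry or fail fast.
def try_next_counter_value(path, initial = "0")
  File.open(path, File::RDWR | File::CREAT, 0o644) do |f|
    f.flock(File::LOCK_EX | File::LOCK_NB) ? advance_counter(f, initial) : nil
  end
end

# Hands out tickets from +workers+ threads. Each call opens the file
# itself, so the flocks are on separate open file descriptions and
# really do contend with each other.
def hand_out_tickets(path, workers, per_worker)
  results = Queue.new
  Array.new(workers) do
    Thread.new { per_worker.times { results << next_counter_value(path) } }
  end.each(&:join)
  tickets = []
  tickets << results.pop until results.empty?
  tickets
end

# Demo on a constructed counter file: 8 workers x 25 tickets starting
# from "41" must yield 200 distinct values and leave "241" on disk, and a
# LOCK_NB attempt while someone else holds the lock must return nil.
def demo
  Dir.mktmpdir do |dir|
    path = File.join(dir, "count.txt")
    File.write(path, "41") # constructed starting value
    tickets = hand_out_tickets(path, 8, 25)
    blocked = File.open(path, File::RDWR) do |holder|
      holder.flock(File::LOCK_EX)
      try_next_counter_value(path)
    end
    { handed_out: tickets.size, unique: tickets.uniq.size,
      final: File.read(path), nb_blocked: blocked.nil? }
  end
end
```

The lock is held across the whole read-advance-write sequence; the posted script's pattern of closing the "r+" handle and reopening with "w" leaves a window where a second request reads the stale value, and no lock taken on either handle alone would cover that window.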