r74996 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r74995‎ | r74996 | r74997 >
Date:03:32, 19 October 2010
Author:tstarling
Status:ok
Tags:
Comment:
Moving sillyshell to tools/subversion
Modified paths:
  • /trunk/tools/sillyshell (deleted) (history)
  • /trunk/tools/subversion/sillyshell (added) (history)

Diff [purge]

Index: trunk/tools/subversion/sillyshell/sillyshell
@@ -0,0 +1,36 @@
 2+#!/usr/bin/python
 3+
 4+conf = {
 5+ "admin": "root@localhost", # customize me
 6+ "svnserve": "/usr/local/bin/svnserve"
 7+}
 8+
 9+import os
 10+import sys
 11+
 12+def restricted(message):
 13+ print "ERROR: %s" % message
 14+ print "This is a restricted shell. If you need to use a full login,"
 15+ print "contact the system administrator at %s." % conf["admin"]
 16+ sys.exit(-1)
 17+
 18+
 19+# No interactive shells! Only accept piped commands.
 20+if sys.stdin.isatty():
 21+ restricted("Interactive shell forbidden.")
 22+
 23+# Take commands in the form <shell> -c "command"
 24+if len(sys.argv) < 2:
 25+ restricted("No parameters to shell.")
 26+if sys.argv[1] != "-c":
 27+ restricted("Expected -c option to shell.")
 28+if len(sys.argv) < 3:
 29+ restricted("Missing argument for -c option.")
 30+if len(sys.argv) > 3:
 31+ restricted("Too many args to shell.")
 32+
 33+# Only allow svnserve -t
 34+if sys.argv[2] != "svnserve -t":
 35+ restricted("Only svnserve -t is allowed.")
 36+
 37+os.execv(conf['svnserve'], [conf['svnserve'], '-t'])
Property changes on: trunk/tools/subversion/sillyshell/sillyshell
___________________________________________________________________
Added: svn:executable
138 + *
Index: trunk/tools/subversion/sillyshell/README
@@ -0,0 +1,10 @@
 2+A quick silly restricted shell to allow running Subversion over ssh without
 3+a full login shell allowed.
 4+
 5+Not audited for full security; use with caution and only where casual
 6+friendly limitations are sufficient.
 7+
 8+Requires Python of some recentish vintage.
 9+
 10+-- brion vibber (brion @ pobox.com)
 11+2006-05-10

Status & tagging log