Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-08 14:26:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

symlink protection

Browse Source
This commit is contained in:
Usman Nasir
2020-02-06 22:11:20 +05:00
parent de5bb17a1c
commit e869ff9bd1
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
filemanager/filemanager.py
View File

@@ -332,7 +332,10 @@ class FileManager:
writeToFile.write(self.data['fileContent'].encode('utf-8')) writeToFile.write(self.data['fileContent'].encode('utf-8'))
writeToFile.close() writeToFile.close()
if os.path.islink(self.data['fileName']): command = 'ls -la %s' % (self.data['fileName'])
output = ProcessUtilities.outputExecutioner(command)
if output.find(website.externalApp) == -1:
return self.ajaxPre(0, 'File exists and is symlink.') return self.ajaxPre(0, 'File exists and is symlink.')
if self.data['fileName'].find(self.data['home']) == -1 or self.data['fileName'].find('..') > -1: if self.data['fileName'].find(self.data['home']) == -1 or self.data['fileName'].find('..') > -1: