> From: Axel Beckert <[EMAIL PROTECTED]>
> Subject: Re: [Mailman-Announce] Critical security update for Mailman 2.1.5
>       and earlier
> To: mailman-developers@python.org
>
> I just want to share my experiences with the patch:
>
> Am Thu, Feb 10, 2005 at 09:41:05AM -0500, Barry Warsaw schrieb:
>> There is a critical security flaw in Mailman 2.1.5 and earlier Mailman
>> 2.1 versions
>
> As I noticed, 2.0.x versions (at least 2.0.13) are vulnerable, too.

I suspect that even 1.x versions of Mailman are vulnerable.

> Is there any patch which complies with Python 1 syntax? 

I think something like this should work, slightly tested using Python
1.5.2.
------------------------------------------------------------------------
import string   # Python 1.x has no str methods; split/join live in the string module

SLASH = '/'

def true_path(path):
    "Ensure that the path is safe by removing .."
    # Split on '/' and drop every '.' and '..' segment, wherever it appears.
    parts = string.split(path, SLASH)
    safe = filter(lambda x: x not in ('.', '..'), parts)
    if parts <> safe:   # '<>' is the pre-Python-3 spelling of '!='
        # No easy "syslog()" function is necessarily available in
        # early Mailman versions.
        #
        # syslog('mischief', 'Directory traversal attack thwarted')
        pass
    # Rejoin and drop the leading '/' so the result is relative to the archive dir.
    return string.join(safe, SLASH)[1:]
------------------------------------------------------------------------

-- 
Harald
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
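Added example, not Harald's or Mailman's code: a Python 3 rendering of the same segment-filtering approach, run over a few constructed PATH_INFO-style requests, plus a lexical containment check on the joined path as a second layer of defence rather than trusting the sanitised string to be relative. The archive root and sample paths are assumptions.

```python
import posixpath

SLASH = '/'


def true_path(path):
    """Segment-wise sanitiser in the style of the posted patch.

    Splits on '/', drops every '.' and '..' segment, rejoins, and strips
    the first character so that a PATH_INFO-style input ('/list/x.html')
    comes back relative to the archive directory ('list/x.html').
    """
    parts = path.split(SLASH)
    safe = [p for p in parts if p not in ('.', '..')]
    return SLASH.join(safe)[1:]


def stays_under(root, relative):
    """Purely lexical check: True if root joined with relative cannot
    leave root.  posixpath.join discards root when the second argument
    is absolute, which is exactly the case this catches."""
    root = posixpath.normpath(root)
    full = posixpath.normpath(posixpath.join(root, relative))
    return full == root or full.startswith(root + SLASH)


# Constructed sample requests (not from the advisory): one normal archive
# URL, three traversal attempts that the segment filter neutralises, and a
# doubled leading slash whose output is still absolute after the [1:] and
# therefore fails the containment check.
SAMPLES = [
    '/mylist/2005-February/000001.html',
    '/mylist/../../../etc/passwd',
    '/../../../etc/passwd',
    '/mylist/./../..//etc/passwd',
    '//etc/passwd',
]


def check_all(root='/var/lib/mailman/archives/private'):
    """Map each sample to (sanitised path, contained-under-root flag)."""
    results = {}
    for raw in SAMPLES:
        out = true_path(raw)
        results[raw] = (out, stays_under(root, out))
    return results
```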
