Opened 6 years ago

Closed 5 years ago

Last modified 20 months ago

#4897 closed defect (fixed)

TracAccountManager htpasswd file handling clobbers symlinks

Reported by: leosh
Owned by: hasienda
Priority: normal
Component: AccountManagerPlugin
Severity: critical
Keywords: htpasswd mangle file link
Cc:
Trac Release: 0.11


I'm using TracAccountManager 0.2.1dev-r5273 on Ubuntu and had it pointed at a symlink of an htpasswd file (since I'm reusing the file for Apache).

What happened was when the user passwords were changed in Trac, the symlink would get replaced by an actual file. This turned into all sorts of badness since there were now two htpasswd files that diverged.

The original htpasswd file was set to be readable and writable by trac, however the directory it was in wasn't. That may have had to do with this failure case. Both the directory the symlink was in and the symlink itself were read/write accessible by trac.

Attachments (0)

Change History (2)

comment:1 Changed 5 years ago by hasienda

  • Keywords htpasswd mangle file link added
  • Owner changed from mgood to hasienda
  • Status changed from new to assigned
  • Summary changed from TracAccountManager clobbers symlinks to TracAccountManager htpasswd file handling clobbers symlinks

See #4276 for a related issue. I'm working on a patch that is already tested and proven to fix both issues.

comment:2 Changed 5 years ago by hasienda

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [9272]) AccountManagerPlugin: Improve password file handling, closes #4276 and #4897.

htpasswd.bak files are not deleted anymore when updating htpasswd file in the same directory and its ownership is preserved as well, preventing a DoS by inaccessible user file in shared use. Furthermore we use universal newline support, if built-in, so line endings are always seen as '\n' by our code regardless of real formatting (Macintosh convention '\r', Windows convention '\r\n'). However the actual end-of-line style is probed and preserved on file updates. Finally the file is not left open for an indeterminate amount of time after file access, which wasn't reported but deduced by own code studies to be a potential issue and therefore fixed as a precaution.
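The failure mode reported in this ticket, as an added example that is not AccountManagerPlugin's code: it assumes the update replaced the file by renaming a new file over the configured path, which the ticket does not confirm, and contrasts that with writing through the link while keeping the end-of-line style. Function names, paths and htpasswd entries are constructed for illustration.

```python
import os
import tempfile

def _replace_entry(text, user, new_hash):
    """Return htpasswd text with user's hash replaced, keeping the EOL style."""
    eol = "\r\n" if "\r\n" in text else ("\r" if "\r" in text else "\n")
    out = []
    for line in text.splitlines():
        name = line.split(":", 1)[0]
        out.append(f"{user}:{new_hash}" if name == user else line)
    return eol.join(out) + eol

def update_by_rename(path, user, new_hash):
    """Temp file + rename onto `path`: a symlink at `path` becomes a regular file."""
    with open(path, newline="") as f:
        text = _replace_entry(f.read(), user, new_hash)
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w", newline="") as f:
        f.write(text)
    os.rename(tmp, path)  # rename does not follow a symlink at the destination

def update_in_place(path, user, new_hash):
    """Write through the link: same inode, so the link, owner and mode survive."""
    with open(path, "r+", newline="") as f:
        text = _replace_entry(f.read(), user, new_hash)
        f.seek(0)
        f.write(text)
        f.truncate()

def demo():
    """Constructed scenario: Apache's file in one directory, Trac's symlink in another."""
    results = {}
    for update in (update_by_rename, update_in_place):
        with tempfile.TemporaryDirectory() as root:
            real = os.path.join(root, "apache", "htpasswd")
            link = os.path.join(root, "trac", "htpasswd")
            os.makedirs(os.path.dirname(real))
            os.makedirs(os.path.dirname(link))
            with open(real, "w", newline="") as f:
                f.write("alice:OLDHASH\r\nbob:BOBHASH\r\n")  # constructed sample
            os.symlink(real, link)
            update(link, "alice", "NEWHASH")
            with open(real, newline="") as f:
                results[update.__name__] = (os.path.islink(link), f.read())
    return results
```

The in-place write is not atomic, so a reader can see a partial file during the update. Resolving the link with `os.path.realpath` and renaming inside the target's directory keeps atomicity, but needs write access to that directory, which the reporter's setup did not have.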
