[FIX] picking of username for session data directory in case of setuid
Try using geteuid() before getpass.getuser() so a system where environment user and effective user (e.g. sudo, start-stop-daemon) creates session-storage directory with a username matching the access rights. lp bug: https://launchpad.net/bugs/1172306 fixed bzr revid: xmo@openerp.com-20130610092107-o4ym83e4ycz450un
This commit is contained in:
commit
1ef68b2806
|
@ -488,9 +488,13 @@ class DisableCacheMiddleware(object):
|
|||
|
||||
def session_path():
|
||||
try:
|
||||
username = getpass.getuser()
|
||||
except Exception:
|
||||
username = "unknown"
|
||||
import pwd
|
||||
username = pwd.getpwuid(os.geteuid()).pw_name
|
||||
except ImportError:
|
||||
try:
|
||||
username = getpass.getuser()
|
||||
except Exception:
|
||||
username = "unknown"
|
||||
path = os.path.join(tempfile.gettempdir(), "oe-sessions-" + username)
|
||||
try:
|
||||
os.mkdir(path, 0700)
|
||||
|
|
Loading…
Reference in New Issue