Commit 714ea7ca authored by Iustin Pop

Add an extra safety layer to _CleanDirectory

In order to protect from accidental use of _CleanDirectory on a random
directory, we add a list of allowed clean directories, somewhat similar
to _ALLOWED_UPLOAD_FILES (but statically computed).

Signed-off-by: Iustin Pop <>
Reviewed-by: Michael Hanselmann <>
parent e8022bef
......@@ -23,6 +23,8 @@
@var _ALLOWED_UPLOAD_FILES: denotes which files are accepted in
the L{UploadFile} function
@var _ALLOWED_CLEAN_DIRS: denotes which directories are accepted
in the L{_CleanDirectory} function
......@@ -57,6 +59,11 @@ from ganeti import ssconf
_BOOT_ID_PATH = "/proc/sys/kernel/random/boot_id"
_ALLOWED_CLEAN_DIRS = frozenset([
class RPCFail(Exception):
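Review bot: `_ALLOWED_CLEAN_DIRS` is fixed at import time, so any future caller of `_CleanDirectory` on a directory not listed here will start failing at runtime; a short comment directly above the constant saying that new `_CleanDirectory` call sites must add their target here would make that requirement visible where the list is maintained. Using `frozenset` is a good choice since it keeps the allowlist immutable after module load.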
......@@ -143,6 +150,10 @@ def _CleanDirectory(path, exclude=None):
to the empty list
if path not in _ALLOWED_CLEAN_DIRS:
_Fail("Path passed to _CleanDirectory not in allowed clean targets: '%s'",
if not os.path.isdir(path):
if exclude is None:
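Review bot: The test `if path not in _ALLOWED_CLEAN_DIRS:` compares the raw string, so a legitimate path with a trailing slash or a redundant component will be rejected even though it names an allowed directory, and an allowed path that is a symlink will pass without its target being checked. Consider normalizing with `os.path.normpath(path)` before the membership test, and stating in the docstring that entries are compared literally and symlinks are not resolved. Placing the check ahead of `if not os.path.isdir(path):` is right, since a disallowed path should fail regardless of whether it exists.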