[Django] #31983: Add security check for cache location
Django
---------------------------------------------+-----------------------------
Reporter: christa | Owner: nobody
Type: Uncategorized | Status: new
Component: Testing framework | Version: 3.1
Severity: Normal | Keywords: cache check
Triage Stage: Unreviewed | Has patch: 1
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
---------------------------------------------+-----------------------------
Hi, I have been reported an issue to security team one month ago. And the
final conclusion is to check whether filesystem cache's location is a
sub directory of special location.
I wrote a check function and require a ticket to make a PR.
--
Ticket URL: <https://code.djangoproject.com/ticket/31983>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
media roots
--------------------------------------+------------------------------------
Reporter: christa | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
Keywords: cache check | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 1
Needs tests: 1 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Changes (by Johannes Hoppe):
* cc: Johannes Hoppe (added)
* needs_better_patch: 0 => 1
* component: Testing framework => Core (Cache system)
* needs_tests: 0 => 1
* version: 3.1 => master
* easy: 0 => 1
* needs_docs: 0 => 1
* type: Uncategorized => Cleanup/optimization
* stage: Unreviewed => Accepted
Old description:
> Hi, I have been reported an issue to security team one month ago. And the
> final conclusion is to check whether filesystem cache's location is a
> sub directory of special location.
>
> I wrote a check function and require a ticket to make a PR.
New description:
Hi,
I have been reported an issue regarding the file system cache location to
security team one month ago. And the conclusion is to check whether file
system cache's location is a subdirectory of special location.
I wrote a check function and require a ticket to make a PR.
--
Comment:
Hi there,
You are making an excellent point. Since this seems to be your first code
contribution, I recommend checking out the contribution guidelines to get
you kick-started.
Beyond that, I will do a review of your patch. Of the bat I can tell you
that tests are missing. You will find examples for how to write a test by
reviewing the tests for similar checks.
Let me know if you need any pointers.
Best,
Joe
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:1>
Django
media roots
--------------------------------------+------------------------------------
Type: Cleanup/optimization | Status: new
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
Keywords: cache check | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 1
Needs tests: 1 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by Manav Agarwal):
May I work on this issue.If, yes please assign the same to me and also
please provide some code pointers as well. :)
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:2>
Django
media roots
Reporter: christa | Owner: Bhavna777
Type: | Status: assigned
Cleanup/optimization |
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
Keywords: cache check | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 1
Needs tests: 1 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
Changes (by Bhavna777):
* owner: nobody => Bhavna777
* status: new => assigned
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:3>
Django
media roots
Reporter: christa | Owner: christa
Type: Cleanup/optimization | Status: assigned
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
Keywords: cache check | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 1
Needs tests: 1 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
Changes (by felixxm):
* owner: Bhavna => christa
Comment:
[https://github.com/django/django/pull/13389 PR]
Bhavna, patch is already prepared.
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:4>
Django
media roots
--------------------------------------+------------------------------------
Reporter: christa | Owner: christa
Type: Cleanup/optimization | Status: assigned
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
Has patch: 1 | Needs documentation: 1
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
* needs_tests: 1 => 0
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:5>
Django
media roots
--------------------------------------+------------------------------------
Reporter: christa | Owner: christa
Type: Cleanup/optimization | Status: assigned
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
--------------------------------------+------------------------------------
* needs_better_patch: 1 => 0
Comment:
Author updated patch.
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:8>
Django
media roots
Reporter: christa | Owner: christa
Type: | Status: assigned
Cleanup/optimization |
Component: Core (Cache system) | Version: master
Severity: Normal | Resolution:
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
-------------------------------------+-------------------------------------
* stage: Accepted => Ready for checkin
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:9>
Django
media roots
-------------------------------------+-------------------------------------
Reporter: christa | Owner: christa
Cleanup/optimization |
Component: Core (Cache system) | Version: master
Keywords: cache check | Triage Stage: Ready for
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
-------------------------------------+-------------------------------------
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"c36075ac1dddfa986340b1a5e15fe48833322372" c36075a]:
{{{
#!CommitTicketReference repository=""
revision="c36075ac1dddfa986340b1a5e15fe48833322372"
Fixed #31983 -- Added system check for file system caches location.
Thanks Johannes Maron and Nick Pope for reviews.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/31983#comment:10>