Merge branch '2.7-maintenance'

2024-11-23 23:29:58 +00:00 · 2014-01-10 10:43:55 +00:00 · 2014-01-10 10:43:55 +00:00 · 27ffd01f95
commit 27ffd01f95
parent f6c6fe4382 5662125f79
2 changed files with 34 additions and 3 deletions
--- a/7
+++ b/7
@ -12,10 +12,15 @@ Version 2.8

 Version 2.7.2
 -------------
-(bugfix release, release date to be decided)
+(bugfix release, released on January 10th 2014)

 - Prefix loader was not forwarding the locals properly to
  inner loaders.  This is now fixed.
+- Security issue: Changed the default folder for the filesystem cache to be
+  user specific and read and write protected on UNIX systems.  See `Debian bug
+  734747`_ for more information.
+
+.. _Debian bug 734747: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747

 Version 2.7.1
 -------------
--- a/jinja2/bccache.py
+++ b/jinja2/bccache.py
@ -15,7 +15,9 @@
    :license: BSD.
 """
 from os import path, listdir
+import os
 import sys
+import errno
 import marshal
 import tempfile
 import fnmatch
@ -189,7 +191,9 @@ class FileSystemBytecodeCache(BytecodeCache):
    two arguments: The directory where the cache items are stored and a
    pattern string that is used to build the filename.

-    If no directory is specified the system temporary items folder is used.
+    If no directory is specified a default cache directory is selected.  On
+    Windows the user's temp directory is used, on UNIX systems a directory
+    is created for the user in the system temp directory.

    The pattern can be used to have multiple separate caches operate on the
    same directory.  The default pattern is ``'__jinja2_%s.cache'``.  ``%s``
@ -202,10 +206,32 @@ class FileSystemBytecodeCache(BytecodeCache):

    def __init__(self, directory=None, pattern='__jinja2_%s.cache'):
        if directory is None:
-            directory = tempfile.gettempdir()
+            directory = self._get_default_cache_dir()
        self.directory = directory
        self.pattern = pattern

+    def _get_default_cache_dir(self):
+        tmpdir = tempfile.gettempdir()
+
+        # On windows the temporary directory is used specific unless
+        # explicitly forced otherwise.  We can just use that.
+        if os.name == 'n':
+            return tmpdir
+        if not hasattr(os, 'getuid'):
+            raise RuntimeError('Cannot determine safe temp directory.  You '
+                               'need to explicitly provide one.')
+
+        dirname = '_jinja2-cache-%d' % os.getuid()
+        actual_dir = os.path.join(tmpdir, dirname)
+        try:
+            # 448 == 0700
+            os.mkdir(actual_dir, 448)
+        except OSError as e:
+            if e.errno != errno.EEXIST:
+                raise
+
+        return actual_dir
+
    def _get_cache_filename(self, bucket):
        return path.join(self.directory, self.pattern % bucket.key)