diff options
| author | Nikolaus Schulz <microschulz@web.de> | 2008-08-04 19:53:31 +0200 |
|---|---|---|
| committer | Nikolaus Schulz <microschulz@web.de> | 2009-11-06 21:09:39 +0100 |
| commit | 79bcf86860fc3ac6361165f2ab1b52338072165f (patch) | |
| tree | d3e37b96ceb4eecebe53118c3d922c76a8605699 | |
| parent | a3276f8c68287746417ee520719d2c04fc94f43c (diff) | |
| download | archivemail-79bcf86860fc3ac6361165f2ab1b52338072165f.tar.gz archivemail-79bcf86860fc3ac6361165f2ab1b52338072165f.tar.bz2 archivemail-79bcf86860fc3ac6361165f2ab1b52338072165f.zip | |
Remove simple-minded security checks
Remove the checks if the mailbox is a symlink, and if the output directory is
world-writable. Better no security than half-baked security.
| -rwxr-xr-x | archivemail.py | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/archivemail.py b/archivemail.py index 594c09b..de983ab 100755 --- a/archivemail.py +++ b/archivemail.py @@ -1121,9 +1121,6 @@ def archive(mailbox_name): tempfile.tempdir = new_temp_dir vprint("set tempfile directory to '%s'" % new_temp_dir) - if os.path.islink(mailbox_name): - unexpected_error("'%s' is a symbolic link -- I feel nervous!" % - mailbox_name) is_imap = urlparse.urlparse(mailbox_name)[0] in ('imap', 'imaps') if is_imap: vprint("guessing mailbox is of type: imap(s)") @@ -1645,15 +1642,6 @@ def check_sane_destdir(dir): user_error("output directory does not exist: '%s'" % dir) if not os.access(dir, os.W_OK): user_error("no write permission on output directory: '%s'" % dir) - if is_world_writable(dir): - unexpected_error(("output directory is world-writable: '%s' -- " - "I feel nervous!") % dir) - - -def is_world_writable(path): - """Return true if the path is world-writable, false otherwise""" - assert(path) - return (os.stat(path)[stat.ST_MODE] & stat.S_IWOTH) def nice_size_str(size): |