
Item3515: PublishContrib does a rm -rf


Detail

I got this feedback via e-mail:

Just to let you know that there seems to be a rather dangerous defect with the PublishAddOn. We don't fully understand what the defect is, but it seems that this add on tried to delete all files in our server filesystem. It actually succeeded to delete all the data, number of templates and all sorts of other things and we had to restore the data from backups.

In the error logs, there were a huge number of this kind of entries:

[Thu Jan 18 15:44:47 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:44:47 2007] publish: Can't remove file //usr/src/linux-2.4.21-37.0.1.NOEL/include/asm-ppc64/unistd.h (Permission denied) at /usr/local/niw/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46, referer: http://example.com/TWiki/PublishContrib

As said, we don't understand exactly the chain of events here, but it seems clear that in some case this plugin ends up trying to delete everything from the filesystem, which is quite nasty...

Anyway I thought that you would be interested to hear about this as well.

Just some further information: This seems to be the place in the logs where the whole thing started:

[Thu Jan 18 15:19:42 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:42 2007] publish: Use of uninitialized value in substitution (s///) at /path/to/lib/TWiki/Contrib/Publish.pm line 214., referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Use of uninitialized value in split at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 31., referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] /usr/bin/htmldoc '--webpage' '--links' '--linkstyle' 'plain' '--outfile' '/path/to/pub/publishdata/Sandbox.pdf' '/path/to/pub/publishdata/Sandbox_9449/BeautifierTestPage.html' '/path/to/pub/publishdata/Sandbox_9449/ChildTestPage.html' '/path/to/pub/publishdata/Sandbox_9449/DominoLinkTest.html' '/path/to/pub/publishdata/Sandbox_9449/FindChildren.html' '/path/to/pub/publishdata/Sandbox_9449/JarkkoPesonentestdocument.html' '/path/to/pub/publishdata/Sandbox_9449/Jjjjjjjj.html' '/path/to/pub/publishdata/Sandbox_9449/LinWangSandbox.html' '/path/to/pub/publishdata/Sandbox_9449/NiwSkinTestPage.html' '/path/to/pub/publishdata/Sandbox_9449/Ooo.html' '/path/to/pub/publishdata/Sandbox_9449/PluginTestEmptyPlugin.html' '/path/to/pub/publishdata/Sandbox_9449/PluginTestPage.html' '/path/to/pub/publishdata/Sandbox_9449/StillAnotherChildPage.html' '/path/to/pub/publishdata/Sandbox_9449/TemplateTestPage.html' '/path/to/pub/publishdata/Sandbox_9449/TestTopic0.html' '/path/to/pub/publishdata/Sandbox_9449/TestTopic1.html' '/path/to/pub/publishdata/Sandbox_9449/TestTopic2.html' '/path/to/pub/publishdata/Sandbox_9449/TestTopic3.html' '/path/to/pub/publishdata/Sandbox_9449/TestTopic4.html' '/path/to/pub/publishdata/Sandbox_9449/TestTopic5.html' '/path/to/pub/publishdata/Sandbox_9449/WebAtom.html' '/path/to/pub/publishdata/Sandbox_9449/WebChanges.html' '/path/to/pub/publishdata/Sandbox_9449/WebHome.html' '/path/to/pub/publishdata/Sandbox_9449/WebIndex.html' '/path/to/pub/publishdata/Sandbox_9449/WebLeftBar.html' '/path/to/pub/publishdata/Sandbox_9449/WebNotify.html' '/path/to/pub/publishdata/Sandbox_9449/WebPreferences.html' '/path/to/pub/publishdata/Sandbox_9449/WebRss.html' '/path/to/pub/publishdata/Sandbox_9449/WebSearch.html' '/path/to/pub/publishdata/Sandbox_9449/WebSearchAdvanced.html' '/path/to/pub/publishdata/Sandbox_9449/WebStatistics.html' '/path/to/pub/publishdata/Sandbox_9449/WebTopicCreator.html' '/path/to/pub/publishdata/Sandbox_9449/WebTopicList.html' '/path/to/pub/publishdata/Sandbox_9449/WysiwygEditorTest.html' '/path/to/pub/publishdata/Sandbox_9449/YetAnotherChildPage.html' -> , referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Use of uninitialized value in concatenation (.) or string at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46., referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Use of uninitialized value in concatenation (.) or string at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46., referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Can't chdir to //lost+found (Permission denied) at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46, referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Can't chdir to //boot/lost+found (Permission denied) at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46, referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Can't remove file //boot/grub/grub.conf (Permission denied) at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46, referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Can't remove file //boot/grub/splash.xpm.gz (Permission denied) at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46, referer: http://example.com/TWiki/PublishContrib
[Thu Jan 18 15:19:48 2007] [error] [client 172.21.179.113] [Thu Jan 18 15:19:48 2007] publish: Can't remove file //boot/grub/menu.lst (Permission denied) at /path/to/lib/TWiki/Contrib/PublishContrib/PDFWriter.pm line 46, referer: http://example.com/TWiki/PublishContrib

The code on line 46 of PDFWriter.pm says

File::Path::rmtree("$this->{path}/$this->{web}", 0, 1 );

So it seems that if a variable is uninitialized, this will result in trying to delete everything from the root of the filesystem instead of the intended directory...pretty dangerous.

-- TWiki:Main/PeterThoeny - 27 Jan 2007
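
The failure mode reported above, with a guard in front of the recursive delete. This is an added example and not PublishContrib code; `safe_rmtree`, its web-name pattern and the sample directory names are assumptions made for illustration.

```perl
use strict;
use warnings;
use Cwd qw(realpath);
use File::Path qw(rmtree);
use File::Spec;
use File::Temp qw(tempdir);

# Hypothetical helper (not PublishContrib code): remove "$base/$web" only when
# both parts are set and the resolved target is a real subdirectory of $base.
sub safe_rmtree {
    my ($base, $web) = @_;
    die "refusing rmtree: base path is not set\n"
        unless defined $base && length $base;
    die "refusing rmtree: web name is not set\n"
        unless defined $web && length $web;
    # Assumption: publish directories are named with word characters only.
    die "refusing rmtree: invalid web name '$web'\n"
        unless $web =~ /\A\w+\z/;

    my $root = realpath($base);
    die "refusing rmtree: base '$base' does not exist\n" unless defined $root;
    die "refusing rmtree: base resolves to the filesystem root\n"
        if $root eq File::Spec->rootdir;

    my $target = realpath(File::Spec->catdir($root, $web));
    return 0 unless defined $target && -d $target;    # nothing to delete
    die "refusing rmtree: '$target' is outside '$root'\n"
        unless index($target, "$root/") == 0;

    rmtree($target, 0, 1);
    return 1;
}

# Constructed demonstration in a throwaway directory.
my $pub = tempdir(CLEANUP => 1);
mkdir "$pub/Sandbox_9449" or die "mkdir: $!";

{   # What the unguarded interpolation yields when both fields are undef.
    no warnings 'uninitialized';
    my %this;
    print "unguarded target: '$this{path}/$this{web}'\n";
}

for my $case ([$pub, 'Sandbox_9449'], [undef, undef], [$pub, undef], [$pub, '..']) {
    my $ok = eval { safe_rmtree(@$case) };
    print defined $ok ? "removed=$ok\n" : "blocked: $@";
}
```

The two "uninitialized value in concatenation" warnings at line 46 in the log correspond to the two undefined fields, which is why the paths that follow begin with `//`.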

I commented out the offending code in the PDF writer until the author can take a look. Sorry it took so long to react, the report was marked as "Normal" priority.

Martin, can you take a look please?

CC

Thanks for the email, Crawford.

Peter - would you please apologise to the client for me that the contrib caused damage.

I agree that it looks like the $this->{path} and $this->{web} are not set in http://develop.twiki.org/svn/twiki/branches/MAIN/twikiplugins/PublishContrib/lib/TWiki/Contrib/PublishContrib/pdffiles.pm

the same way as they are in:

http://develop.twiki.org/svn/twiki/branches/MAIN/twikiplugins/PublishContrib/lib/TWiki/Contrib/PublishContrib/file.pm

Crawford's modification to eliminate the removal of the PDF files is fine. If the client wants to delete the files a safe approach would be to individually record the pdf files that are created, and explicitly delete these after.

Maybe it would be useful for TWiki to profile plugins and contribs along certain dimensions, e.g. calls to external commands and common 'destructive' commands.

If the client wants this documented and/or improved please contact me.

-- TWiki:Main.MartinCleaver - 31 Jan 2007
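
A sketch of the record-then-delete approach suggested in the comment above: each output file is recorded when it is written, and cleanup unlinks only those recorded paths. This is an added example, not the code that was checked in for this item; the `OutputLedger` package and the file names are hypothetical.

```perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Hypothetical ledger (not PublishContrib code): every output file is recorded
# when it is created, and cleanup unlinks exactly those paths.
package OutputLedger;

sub new { my ($class) = @_; return bless { files => [] }, $class }

sub create {
    my ($this, $path, $content) = @_;
    die "create: path is not set\n" unless defined $path && length $path;
    open(my $fh, '>', $path) or die "create: cannot write $path: $!\n";
    print {$fh} $content;
    close($fh) or die "create: cannot close $path: $!\n";
    push @{ $this->{files} }, $path;
    return $path;
}

# No directory walk and no path built from object fields at delete time.
sub cleanup {
    my ($this) = @_;
    my (@removed, @failed);
    while (defined(my $path = shift @{ $this->{files} })) {
        if (unlink $path) { push @removed, $path }
        else              { push @failed, "$path: $!" }
    }
    return (\@removed, \@failed);
}

package main;

# Constructed demonstration: two generated files and one the ledger never made.
my $dir    = tempdir(CLEANUP => 1);
my $ledger = OutputLedger->new;
$ledger->create("$dir/WebHome.html", "<html></html>\n");
$ledger->create("$dir/Sandbox.pdf",  "%PDF-constructed\n");
open(my $fh, '>', "$dir/keep.txt") or die "open: $!"; close $fh;

my ($removed, $failed) = $ledger->cleanup;
print "removed: $_\n" for @$removed;
print "failed: $_\n"  for @$failed;
print "untouched file still present\n" if -e "$dir/keep.txt";
```

Because the delete list is built only from successful writes, an unset path or web name fails at `create` and can never widen what `cleanup` touches.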

Martin, I appreciate all your contributions in the past, but could you please show some goodwill and fix bugs in code you contributed without asking for a consulting gig? We are an open source community...

-- TWiki:Main.PeterThoeny - 31 Jan 2007

Too late, I already coded it.

CC

Thanks.

-- TWiki:Main.MartinCleaver - 03 Feb 2007

ItemTemplate
Summary: PublishContrib does a rm -rf
ReportedBy: TWiki:Main.PeterThoeny
Codebase:
SVN Range: TWiki-4.1.0, Mon, 22 Jan 2007, build 12595
AppliesTo: Extension
Component: PublishContrib
Priority: Normal
CurrentState: Closed
WaitingFor:
Checkins: 12684 12708
TargetRelease: n/a
ReleasedIn:

Topic revision: r14 - 2007-02-03 - MartinCleaver
 