Add config allow_paths for exec module
This commit is contained in:
Alex X
@@ -9,6 +9,7 @@ import (
|
|||||||
"io"
|
"io"
|
||||||
"net/url"
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
|
"slices"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
"syscall"
|
"syscall"
|
||||||
@@ -26,6 +27,16 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
func Init() {
|
func Init() {
|
||||||
|
var cfg struct {
|
||||||
|
Mod struct {
|
||||||
|
AllowPaths []string `yaml:"allow_paths"`
|
||||||
|
} `yaml:"exec"`
|
||||||
|
}
|
||||||
|
|
||||||
|
app.LoadConfig(&cfg)
|
||||||
|
|
||||||
|
allowPaths = cfg.Mod.AllowPaths
|
||||||
|
|
||||||
rtsp.HandleFunc(func(conn *pkg.Conn) bool {
|
rtsp.HandleFunc(func(conn *pkg.Conn) bool {
|
||||||
waitersMu.Lock()
|
waitersMu.Lock()
|
||||||
waiter := waiters[conn.URL.Path]
|
waiter := waiters[conn.URL.Path]
|
||||||
@@ -49,6 +60,8 @@ func Init() {
|
|||||||
log = app.GetLogger("exec")
|
log = app.GetLogger("exec")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var allowPaths []string
|
||||||
|
|
||||||
func execHandle(rawURL string) (prod core.Producer, err error) {
|
func execHandle(rawURL string) (prod core.Producer, err error) {
|
||||||
rawURL, rawQuery, _ := strings.Cut(rawURL, "#")
|
rawURL, rawQuery, _ := strings.Cut(rawURL, "#")
|
||||||
query := streams.ParseQuery(rawQuery)
|
query := streams.ParseQuery(rawQuery)
|
||||||
@@ -73,6 +86,10 @@ func execHandle(rawURL string) (prod core.Producer, err error) {
|
|||||||
debug: log.Debug().Enabled(),
|
debug: log.Debug().Enabled(),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if allowPaths != nil && !slices.Contains(allowPaths, cmd.Args[0]) {
|
||||||
|
return nil, errors.New("exec: bin not in allow_paths: " + cmd.Args[0])
|
||||||
|
}
|
||||||
|
|
||||||
if s := query.Get("killsignal"); s != "" {
|
if s := query.Get("killsignal"); s != "" {
|
||||||
sig := syscall.Signal(core.Atoi(s))
|
sig := syscall.Signal(core.Atoi(s))
|
||||||
cmd.Cancel = func() error {
|
cmd.Cancel = func() error {
|
||||||
|
|||||||
Reference in New Issue
Block a user