Commit Graph

11 Commits

Author SHA1 Message Date
Matthew Penner
d1c0ca5260
server(filesystem): rebuild everything imaginable
This wonderfully large commit replaces basically everything under the
`server/filesystem` package, re-implementing essentially everything.

This is related to
https://github.com/pterodactyl/wings/security/advisories/GHSA-494h-9924-xww9

If any vulnerabilities related to symlinks persist after this commit, I
will be very upset.

Signed-off-by: Matthew Penner <me@matthewp.io>
2024-03-13 12:27:29 -06:00
Matthew Penner
dac9685298
server(filesystem): SafePath tweaks 2023-02-07 19:14:35 -07:00
Matthew Penner
04b9ef69a1
run gofumpt 2021-11-15 10:37:56 -07:00
Dane Everitt
0676a82a21 Add better error handling for filesystem 2021-04-17 13:29:18 -07:00
Dane Everitt
adc0732af3
Better error handling and logging for restorations 2021-01-30 18:43:35 -08:00
Dane Everitt
2c1b211280
Add base idea for denying write access to certain files; ref pterodactyl/panel#569 2021-01-10 16:33:39 -08:00
Matthew Penner
de51fd1c51
Error handling improvements (#71)
* Remove `emperror.dev/errors`, remove all `errors#Wrap` and `errors#WithStack` calls
* Improve logging in `server/backup.go`
2020-11-28 16:57:10 -07:00
Dane Everitt
ef999a039c
Perhaps better error stacks for backups/archives; ref #2418 2020-11-08 14:07:26 -08:00
Dane Everitt
be9d1a3986
Replace error handling package with emperror; add better reporting for errors escaping server root 2020-11-08 13:52:20 -08:00
Dane Everitt
244640d0c1
[security] remove "SafeJoin" function
This function was not actually safe in theory. If an unknown stat source was passed in it would be possible for a symlinked file to not be detected as a symlink, thus skipping any safe path resolutions.

This would happen if the stat source was a regular os.Stat call and not an os.Lstat call, but since there is no way to differentiate between those two in the code, it is safer to just manually apply this logic in the positions where we _know_ for certain that we're working with the results of an Lstat call.
2020-10-01 21:28:38 -07:00
Dane Everitt
0f7bb1a371
Refactor filesystem to not be dependent on a server struct 2020-09-27 12:24:08 -07:00