You are here: Foswiki>Tasks Web>Item10340 (06 Jan 2015, GeorgeClark)Edit Attach

Item10340: Problem with User Account named topic creation

pencil
Priority: Normal
Current State: No Action Required
Released In: n/a
Target Release: n/a
Applies To: Engine
Component: FoswikiStore
Branches:
Reported By: MarkoRintamaki
Waiting For:
Last Change By: GeorgeClark
Hello

I have problem with topic creation for same name as logged user.. I have enabled apache authentication and there is no user registration enabled. That's why users have to create own home topic personally.

  • When I try to create topic to Main web with a same name as logged user "DemoUser" I cannot do it ?
  • When I try to create topic "DemoUser" to other web's it will be go smoothly

Some log about situation? 

[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] Insecure dependency in open while running with -T switch at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/Store/VC/Handler.pm line 839., referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18]  at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/Store/VC/Handler.pm line 839, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::Store::VC::Handler::saveFile('Foswiki::Store::VC::RcsWrapHandler=HASH(0x9167aa0)', '/usr/local/nest_tools/Foswiki-1.1.2/data/Main/DemoUser.lease', 'taken\\x{a}1297355500\\x{a}user\\x{a}DemoUser\\x{a}expires\\x{a}1297359100') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/Store/VC/Handler.pm line 730, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::Store::VC::Handler::setLease('Foswiki::Store::VC::RcsWrapHandler=HASH(0x9167aa0)', 'HASH(0x8e08ad0)') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/Store/VC/Store.pm line 518, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::Store::VC::Store::setLease('Foswiki::Store::RcsWrap=HASH(0x8e555e8)', 'Foswiki::Meta=HASH(0x9562838)', 'HASH(0x8e08ad0)') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/Meta.pm line 2402, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::Meta::setLease('Foswiki::Meta=HASH(0x9562838)', 3600) called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/UI/Edit.pm line 451, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::UI::Edit::finalize_edit('Foswiki=HASH(0x8dca3c8)', 'Foswiki::Meta=HASH(0x9562838)', '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN...') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/UI/Edit.pm line 35, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::UI::Edit::edit('Foswiki=HASH(0x8dca3c8)') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/UI.pm line 316, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::UI::__ANON__() called at /usr/share/perl5/Error.pm line 416, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \teval {...} called at /usr/share/perl5/Error.pm line 408, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tError::subs::try('CODE(0x88cb948)', 'HASH(0x8dca0e8)') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/UI.pm line 435, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::UI::_execute('Foswiki::Request=HASH(0x8dafbc0)', 'CODE(0x8daf7b0)', 'edit', 1) called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/UI.pm line 277, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::UI::handleRequest('Foswiki::Request=HASH(0x8dafbc0)') called at /usr/local/nest_tools/Foswiki-1.1.2/lib/Foswiki/Engine/CGI.pm line 37, referer: https://nestdemo.localdomain/ProjectFOSWIKI/
[Thu Feb 10 08:31:40 2011] [error] [client 192.168.52.18] \tFoswiki::Engine::CGI::run('Foswiki::Engine::CGI=HASH(0x8ab9d50)') called at /usr/local/nest_tools/Foswiki-1.1.2/bin/edit line 24., referer: https://nestdemo.localdomain/ProjectFOSWIKI/

How we solved problem in first case?

This document is about how T-flag error in Foswiki is fixed.

/usr/local/nest_tools/Foswiki/lib/Foswiki/Store/VC/RcsWrapHandler.pm 
141:    # initial revision, so delete repository file and start again
142:    $this->{rcsFile} = Foswiki::Sandbox::untaintUnchecked($this->{rcsFile});
143:    unlink $this->{rcsFile};

165:    $this->{file} = Foswiki::Sandbox::untaintUnchecked($this->{file});
166:    chmod( $Foswiki::cfg{RCS}{filePermission}, $this->{file} );

486:    $this->{file} = Foswiki::Sandbox::untaintUnchecked($this->{file});
487:    chmod( $Foswiki::cfg{RCS}{filePermission}, $this->{file} )

523:    $this->{file} = Foswiki::Sandbox::untaintUnchecked($this->{file});
524:    chmod( $Foswiki::cfg{RCS}{filePermission}, $this->{file} );


/usr/local/nest_tools/Foswiki/lib/Foswiki/Store/VC/Handler.pm 
693:    else {
694:    $filename = Foswiki::Sandbox::untaintUnchecked($filename);
695:    unlink $filename

733:    my $filename = _controlFileName( $this, 'lease' );
734:    $filename = Foswiki::Sandbox::untaintUnchecked($filename);
735:    if ($lease) {

829:    sub moveFile {
830:    my ( $this, $from, $to ) = @_;
831:    $from = Foswiki::Sandbox::untaintUnchecked($from);
832:    $to = Foswiki::Sandbox::untaintUnchecked($to);
833:    ASSERT( -e $from ) if DEBUG;


842:    $this->mkPathTo($name);
842:    $name = Foswiki::Sandbox::untaintUnchecked($name);
842:    my $fh;


-- MarkoRintamaki - 10 Feb 2011

It's been a while. Have you gotten any resolution or workaround to this? A number of these "taint" issues have been resolved in later versions of Foswiki. You might try 1.1.3

-- GeorgeClark - 21 Sep 2011

I added some information about changed files... Fixes was done one of my our member. Changes are done for Foswiki 1.1.3

Could this provide more information

-- MarkoRintamaki - 31 Oct 2011

Crawford, are there some taint issues lurking here, maybe triggered by perl versions?

-- GeorgeClark - 08 Mar 2012

It seems unlikely, given that the failure is triggered from the save script. Only way to track this down is to debug it; untainting the data at the handler level is definitely not recommended.

-- CrawfordCurrie - 08 Mar 2012

-- MarkoRintamaki - 08 Mar 2012

We have been working with server solution called FreeNEST. It's preinstalled ubuntu 10.4 image ... Image is downloadable already at http://beachhead.labranet.jamk.fi/wiki

But I could try to setup server for you ? You could access this instance and try to debug? Of course you have other work also smile

http://www.conceptnest.org

-- MarkoRintamaki - 08 Mar 2012

Setting this to No Action. Foswiki 1.2 will ship with Taint checking disabled. That should resolve issues like this.

-- GeorgeClark - 06 Jan 2015
 

ItemTemplate edit

Summary Problem with User Account named topic creation
ReportedBy MarkoRintamaki
Codebase 1.1.3
SVN Range
AppliesTo Engine
Component FoswikiStore
Priority Normal
CurrentState No Action Required
WaitingFor
Checkins
TargetRelease n/a
ReleasedIn n/a
CheckinsOnBranches
trunkCheckins
masterCheckins
ItemBranchCheckins
Release01x01Checkins
Edit  | Attach | Print version | History: r9 < r8 < r7 < r6 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r9 - 06 Jan 2015, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy