diff options
author | Christian Rebischke | 2016-11-15 23:28:57 +0100 |
---|---|---|
committer | Christian Rebischke | 2016-11-15 23:28:57 +0100 |
commit | 2d926f8e72362b5cdf81758a6d90cdd3d124b9f6 (patch) | |
tree | 7afc13dd097d909bd662b1543eeb13cbac5c1d15 | |
parent | bbed33e51af404793d0617d18138d76d8af2a44d (diff) | |
download | aur-2d926f8e72362b5cdf81758a6d90cdd3d124b9f6.tar.gz |
SECURITY UPDATE: removed chmod ugo+w
-rw-r--r-- | .SRCINFO | 6 | ||||
-rw-r--r-- | PKGBUILD | 19 | ||||
-rw-r--r-- | viper-api | 12 | ||||
-rw-r--r-- | viper-cli | 12 | ||||
-rw-r--r-- | viper-framework.install | 14 | ||||
-rw-r--r-- | viper-web | 12 |
6 files changed, 64 insertions, 11 deletions
@@ -27,7 +27,13 @@ pkgbase = viper-framework depends = python2-olefile depends = python2-oletools source = viper-framework-1.2.tar.gz::https://github.com/botherder/viper/archive/v1.2.tar.gz + source = viper-cli + source = viper-web + source = viper-api sha512sums = 07ed69479a472a9c909ea57661af33fc8f5a50df4e3af627658dea26d1e5e7f0fef5baef783a4042506e4eb702e757dea8da8e7fd3002d0ae77c053d9f74aee2 + sha512sums = df73eff87c692a5ba1d76e7ae70c8eac6c5de4075a3ee35e80297bad9d71fce413875825b87a36639d649e19224fcb1abadf1aa42c3dc33f8dcd208efd3bf8e9 + sha512sums = 5dd06dfbdd1c3363bdfef3d69e9c32340e0ec897770f1a17de0a5bbe5726dfba5003fea7e9a2124d3d960b83efbe4ac1bf72be7dc4ee24d60bdc924714e3aa7a + sha512sums = cbc6009447fc57245fac4b1143402306bc6979c5031f2589a085134d0219b248682ed7355a4766335bb61e027f6d7b1ee9154fe78a3ebb88ed36275a4d4077da pkgname = viper-framework @@ -8,13 +8,16 @@ arch=("any") url="https://github.com/botherder/viper" license=("BSD") depends=( -"python2-pyexiftool" "python2-pylzma" "python2-bottle" "python2-pyelftools" -"python2-bitstring" "python2-dnspython" "python2-m2crypto" "python2-pyasn1" -"python2-requests" "python2-sqlalchemy" "python2-prettytable" "python2-magic" -"python2-pydeep" "ssdeep" "python2-ssdeep" "python2-beautifulsoup4" -"python2-pefile" "python2-crypto" "python2-olefile" "python2-oletools") -source=("${pkgname}-${pkgver}.tar.gz::https://github.com/botherder/viper/archive/v${pkgver}.tar.gz") -sha512sums=('07ed69479a472a9c909ea57661af33fc8f5a50df4e3af627658dea26d1e5e7f0fef5baef783a4042506e4eb702e757dea8da8e7fd3002d0ae77c053d9f74aee2') + "python2-pyexiftool" "python2-pylzma" "python2-bottle" "python2-pyelftools" + "python2-bitstring" "python2-dnspython" "python2-m2crypto" "python2-pyasn1" + "python2-requests" "python2-sqlalchemy" "python2-prettytable" "python2-magic" + "python2-pydeep" "ssdeep" "python2-ssdeep" "python2-beautifulsoup4" + "python2-pefile" "python2-crypto" "python2-olefile" "python2-oletools") +source=("${pkgname}-${pkgver}.tar.gz::https://github.com/botherder/viper/archive/v${pkgver}.tar.gz" "viper-cli" "viper-web" "viper-api") +sha512sums=('07ed69479a472a9c909ea57661af33fc8f5a50df4e3af627658dea26d1e5e7f0fef5baef783a4042506e4eb702e757dea8da8e7fd3002d0ae77c053d9f74aee2' + 'df73eff87c692a5ba1d76e7ae70c8eac6c5de4075a3ee35e80297bad9d71fce413875825b87a36639d649e19224fcb1abadf1aa42c3dc33f8dcd208efd3bf8e9' + '5dd06dfbdd1c3363bdfef3d69e9c32340e0ec897770f1a17de0a5bbe5726dfba5003fea7e9a2124d3d960b83efbe4ac1bf72be7dc4ee24d60bdc924714e3aa7a' + 'cbc6009447fc57245fac4b1143402306bc6979c5031f2589a085134d0219b248682ed7355a4766335bb61e027f6d7b1ee9154fe78a3ebb88ed36275a4d4077da') install="viper-framework.install" build() { @@ -28,4 +31,6 @@ package() { mkdir -p "${pkgdir}/opt/viper/" mv * "${pkgdir}/opt/viper/" sed -i 's|#!/usr/bin/env python|#!/usr/bin/env python2|' "${pkgdir}/opt/viper/"{viper.py,api.py,web.py,update.py} + mkdir -p "${pkgdir}/usr/bin/" + install -m755 -D "${srcdir}/"viper-{cli,web,api} "${pkgdir}/usr/bin/" } diff --git a/viper-api b/viper-api new file mode 100644 index 000000000000..a356a2d11466 --- /dev/null +++ b/viper-api @@ -0,0 +1,12 @@ +#!/bin/bash + +if [[ $UID -eq 0 ]]; then + echo "Do not run viper as root!" + exit 1 +elif groups $USER | grep &>/dev/null "\bviper\b"; then + cd /opt/viper + ./api.py "$@" +else + echo "You have to be in group 'viper'" + exit 1 +fi diff --git a/viper-cli b/viper-cli new file mode 100644 index 000000000000..41a0c0db95b5 --- /dev/null +++ b/viper-cli @@ -0,0 +1,12 @@ +#!/bin/bash + +if [[ $UID -eq 0 ]]; then + echo "Do not run viper as root!" + exit 1 +elif groups $USER | grep &>/dev/null "\bviper\b"; then + cd /opt/viper + ./viper.py "$@" +else + echo "You have to be in group 'viper'" + exit 1 +fi diff --git a/viper-framework.install b/viper-framework.install index c04c0f9ab938..93d0c2dec88d 100644 --- a/viper-framework.install +++ b/viper-framework.install @@ -1,7 +1,13 @@ -#!/bin/bash - post_install(){ - chmod ugo+w /opt/viper -} + /usr/bin/getent group viper > /dev/null || /usr/sbin/groupadd viper + /usr/bin/getent passwd viper > /dev/null || \ + /usr/bin/useradd -d /opt/viper -g viper -s /usr/bin/nologin viper + chmod 770 /opt/viper + chown -R viper:viper /opt/viper + chmod g+s /opt/viper +} +post_upgrade(){ + post_install +} diff --git a/viper-web b/viper-web new file mode 100644 index 000000000000..35909e595707 --- /dev/null +++ b/viper-web @@ -0,0 +1,12 @@ +#!/bin/bash + +if [[ $UID -eq 0 ]]; then + echo "Do not run viper as root!" + exit 1 +elif groups $USER | grep &>/dev/null "\bviper\b"; then + cd /opt/viper/ + ./viper/web.py "$@" +else + echo "You have to be in group 'viper'" + exit 1 +fi |