SECURITY UPDATE: removed chmod ugo+w

author: Christian Rebischke 2016-11-15 23:28:57 +0100
committer: Christian Rebischke 2016-11-15 23:28:57 +0100
commit: 2d926f8e72362b5cdf81758a6d90cdd3d124b9f6 (patch)
tree: 7afc13dd097d909bd662b1543eeb13cbac5c1d15
parent: bbed33e51af404793d0617d18138d76d8af2a44d (diff)
download: aur-2d926f8e72362b5cdf81758a6d90cdd3d124b9f6.tar.gz
6 files changed, 64 insertions, 11 deletions
diff --git a/.SRCINFO b/.SRCINFO
index b3aaaf4e5f31..8cd558a894a4 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -27,7 +27,13 @@ pkgbase = viper-framework
 	depends = python2-olefile
 	depends = python2-oletools
 	source = viper-framework-1.2.tar.gz::https://github.com/botherder/viper/archive/v1.2.tar.gz
+	source = viper-cli
+	source = viper-web
+	source = viper-api
 	sha512sums = 07ed69479a472a9c909ea57661af33fc8f5a50df4e3af627658dea26d1e5e7f0fef5baef783a4042506e4eb702e757dea8da8e7fd3002d0ae77c053d9f74aee2
+	sha512sums = df73eff87c692a5ba1d76e7ae70c8eac6c5de4075a3ee35e80297bad9d71fce413875825b87a36639d649e19224fcb1abadf1aa42c3dc33f8dcd208efd3bf8e9
+	sha512sums = 5dd06dfbdd1c3363bdfef3d69e9c32340e0ec897770f1a17de0a5bbe5726dfba5003fea7e9a2124d3d960b83efbe4ac1bf72be7dc4ee24d60bdc924714e3aa7a
+	sha512sums = cbc6009447fc57245fac4b1143402306bc6979c5031f2589a085134d0219b248682ed7355a4766335bb61e027f6d7b1ee9154fe78a3ebb88ed36275a4d4077da
 
 pkgname = viper-framework
 
diff --git a/PKGBUILD b/PKGBUILD
index fe2c553acf4b..15f5d7315841 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -8,13 +8,16 @@ arch=("any")
 url="https://github.com/botherder/viper"
 license=("BSD")
 depends=(
-"python2-pyexiftool" "python2-pylzma" "python2-bottle" "python2-pyelftools" 
-"python2-bitstring" "python2-dnspython" "python2-m2crypto" "python2-pyasn1" 
-"python2-requests" "python2-sqlalchemy" "python2-prettytable" "python2-magic" 
-"python2-pydeep" "ssdeep" "python2-ssdeep" "python2-beautifulsoup4" 
-"python2-pefile" "python2-crypto" "python2-olefile" "python2-oletools") 
-source=("${pkgname}-${pkgver}.tar.gz::https://github.com/botherder/viper/archive/v${pkgver}.tar.gz")
-sha512sums=('07ed69479a472a9c909ea57661af33fc8f5a50df4e3af627658dea26d1e5e7f0fef5baef783a4042506e4eb702e757dea8da8e7fd3002d0ae77c053d9f74aee2')
+  "python2-pyexiftool" "python2-pylzma" "python2-bottle" "python2-pyelftools" 
+  "python2-bitstring" "python2-dnspython" "python2-m2crypto" "python2-pyasn1" 
+  "python2-requests" "python2-sqlalchemy" "python2-prettytable" "python2-magic" 
+  "python2-pydeep" "ssdeep" "python2-ssdeep" "python2-beautifulsoup4" 
+  "python2-pefile" "python2-crypto" "python2-olefile" "python2-oletools") 
+source=("${pkgname}-${pkgver}.tar.gz::https://github.com/botherder/viper/archive/v${pkgver}.tar.gz" "viper-cli" "viper-web" "viper-api")
+sha512sums=('07ed69479a472a9c909ea57661af33fc8f5a50df4e3af627658dea26d1e5e7f0fef5baef783a4042506e4eb702e757dea8da8e7fd3002d0ae77c053d9f74aee2'
+            'df73eff87c692a5ba1d76e7ae70c8eac6c5de4075a3ee35e80297bad9d71fce413875825b87a36639d649e19224fcb1abadf1aa42c3dc33f8dcd208efd3bf8e9'
+            '5dd06dfbdd1c3363bdfef3d69e9c32340e0ec897770f1a17de0a5bbe5726dfba5003fea7e9a2124d3d960b83efbe4ac1bf72be7dc4ee24d60bdc924714e3aa7a'
+            'cbc6009447fc57245fac4b1143402306bc6979c5031f2589a085134d0219b248682ed7355a4766335bb61e027f6d7b1ee9154fe78a3ebb88ed36275a4d4077da')
 install="viper-framework.install"
 
 build() {
@@ -28,4 +31,6 @@ package() {
   mkdir -p "${pkgdir}/opt/viper/"
   mv * "${pkgdir}/opt/viper/"
   sed -i 's|#!/usr/bin/env python|#!/usr/bin/env python2|' "${pkgdir}/opt/viper/"{viper.py,api.py,web.py,update.py}
+  mkdir -p "${pkgdir}/usr/bin/"
+  install -m755 -D "${srcdir}/"viper-{cli,web,api} "${pkgdir}/usr/bin/"
 }
diff --git a/viper-api b/viper-api
new file mode 100644
index 000000000000..a356a2d11466
--- /dev/null
+++ b/viper-api
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [[ $UID -eq 0 ]]; then
+    echo "Do not run viper as root!"
+    exit 1
+elif groups $USER | grep &>/dev/null "\bviper\b"; then
+    cd /opt/viper
+    ./api.py "$@"
+else
+    echo "You have to be in group 'viper'"
+    exit 1
+fi
diff --git a/viper-cli b/viper-cli
new file mode 100644
index 000000000000..41a0c0db95b5
--- /dev/null
+++ b/viper-cli
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [[ $UID -eq 0 ]]; then
+    echo "Do not run viper as root!"
+    exit 1
+elif groups $USER | grep &>/dev/null "\bviper\b"; then
+    cd /opt/viper
+    ./viper.py "$@"
+else
+    echo "You have to be in group 'viper'"
+    exit 1
+fi
diff --git a/viper-framework.install b/viper-framework.install
index c04c0f9ab938..93d0c2dec88d 100644
--- a/viper-framework.install
+++ b/viper-framework.install
@@ -1,7 +1,13 @@
-#!/bin/bash
-
 post_install(){
-  chmod  ugo+w /opt/viper
-}
+  /usr/bin/getent group viper > /dev/null || /usr/sbin/groupadd viper
+  /usr/bin/getent passwd viper > /dev/null || \
+    /usr/bin/useradd -d /opt/viper -g viper -s /usr/bin/nologin viper
 
+  chmod 770 /opt/viper
+  chown -R viper:viper /opt/viper
+  chmod g+s /opt/viper
+}
 
+post_upgrade(){
+  post_install
+}
diff --git a/viper-web b/viper-web
new file mode 100644
index 000000000000..35909e595707
--- /dev/null
+++ b/viper-web
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [[ $UID -eq 0 ]]; then
+    echo "Do not run viper as root!"
+    exit 1
+elif groups $USER | grep &>/dev/null "\bviper\b"; then
+    cd /opt/viper/
+    ./viper/web.py "$@"
+else
+    echo "You have to be in group 'viper'"
+    exit 1
+fi
author	Christian Rebischke	2016-11-15 23:28:57 +0100
committer	Christian Rebischke	2016-11-15 23:28:57 +0100
commit	2d926f8e72362b5cdf81758a6d90cdd3d124b9f6 (patch)
tree	7afc13dd097d909bd662b1543eeb13cbac5c1d15
parent	bbed33e51af404793d0617d18138d76d8af2a44d (diff)
download	aur-2d926f8e72362b5cdf81758a6d90cdd3d124b9f6.tar.gz