fix username spoofing
vilmibm
parent
b10bdd756a
commit
470ebb5507
|
|
@ -9,7 +9,9 @@ import (
|
|||
"math/rand"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/user"
|
||||
"path/filepath"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
email "git.tilde.town/tildetown/town/email"
|
||||
|
|
@ -33,7 +35,14 @@ func processGitea(rp string) error {
|
|||
usernames := []string{}
|
||||
|
||||
for _, file := range files {
|
||||
usernames = append(usernames, file.Name())
|
||||
sysInfo := file.Sys()
|
||||
uid := sysInfo.(*syscall.Stat_t).Uid
|
||||
user, err := user.LookupId(fmt.Sprintf("%d", uid))
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "failed to get owner of file named '%s': %s", file.Name(), err)
|
||||
continue
|
||||
}
|
||||
usernames = append(usernames, user.Username)
|
||||
}
|
||||
|
||||
if len(usernames) == 0 {
|
||||
|
|
|
|||
BIN
request/request
BIN
request/request
Binary file not shown.
Loading…
Reference in New Issue