From 91a84d3f26706dca91ff915354667bf4f667fcc5 Mon Sep 17 00:00:00 2001 From: Evan Broder Date: Mon, 6 Apr 2009 22:13:53 -0400 Subject: [PATCH] Fix a potential quota hole from cross-realm Hesiod entries. svn path=/trunk/packages/invirt-web/; revision=2293 --- code/validation.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/code/validation.py b/code/validation.py index 480d007..0285044 100644 --- a/code/validation.py +++ b/code/validation.py @@ -241,6 +241,8 @@ def testOwner(user, owner, machine=None): return machine.owner if owner is None: raise InvalidInput('owner', owner, "Owner must be specified") + if '@' in owner: + raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed") try: if user not in cache_acls.expandLocker(owner): raise InvalidInput('owner', owner, 'You do not have access to the ' -- 1.7.9.5