Check if our temp transitions file is in the path we expect it to be in

ChangeLog

+2008-04-17  Joerg Jaspert  <joerg@debian.org>
+
+	* config/debian/dak.conf: Add TempPath statement for the Release
+	Transitions script
+
+	* dak/transitions.py (temp_transitions_file): Use the TempPath
+	(write_transitions_from_file): Check if the file we should get our
+	transitions from is in our TempPath, error out if it isnt
+
 2008-04-12  James Troup  <troup@debian.org>
 
 	* dak/clean_proposed_updates.py: add support for -s/--suite and

config/debian/dak.conf

@@ -38,6 +38,11 @@ Dinstall
    };
 };
 
+Transitions
+{
+   TempPath "/srv/ftp.debian.org/tmp/";
+}
+
 Binary-Upload-Restrictions
 {
  Components

dak/transitions.py

@@ -211,6 +211,11 @@ def write_transitions_from_file(from_file):
     """We have a file we think is valid; if we're using sudo, we invoke it
        here, otherwise we just parse the file and call write_transitions"""
 
+    # Lets check if from_file is in the directory we expect it to be in
+    if not os.path.abspath(from_file).startswith(Cnf["Transitions::TempPath"]):
+        print "Will not accept transitions file outside of %s" % (Cnf["Transitions::TempPath"])
+        sys.exit(3)
+
     if Options["sudo"]:
         os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H", 
               "/usr/local/bin/dak", "transitions", "--import", from_file)
@@ -227,7 +232,7 @@ def temp_transitions_file(transitions):
     # We need the chmod, as the file is (most possibly) copied from a
     # sudo-ed script and would be unreadable if it has default mkstemp mode
     
-    (fd, path) = tempfile.mkstemp("","transitions")
+    (fd, path) = tempfile.mkstemp("","transitions",Cnf["Transitions::TempPath"])
     os.chmod(path, 0644)
     f = open(path, "w")
     syck.dump(transitions, f)