Exclude pysnmp_mibs from search path

MIB opening class of pysnmp include `pysnmp_mibs` location
as one of the places where pysnmp will try to find the MIB
files being requested. Part of the problem is that pysnmp
opens files in `pysnmp_mibs` directory by relative location
(e.g. CWD) which is generally not a good idea from
security perspective.

It turns out that if the process imports this library being
in a non-readable directory, pysnmp blows up at probing
`pysnmp_mibs` location.

This patch excludes relative `pysnmp_mibs` location from the
search path effectively fixing the blow up problem.

Change-Id: I7fa1b5353a2d33fd58de45426a9ee6dbcbf4eaef
This commit is contained in:
Ilya Etingof 2018-05-24 16:03:05 +02:00
parent 1ca65e077b
commit 0c7dbee0f9
1 changed files with 7 additions and 1 deletions

View File

@ -26,9 +26,15 @@ from proliantutils import log
LOG = log.get_logger(__name__)
class MibBuilder(builder.MibBuilder):
# NOTE(etingof): disable searching in `pysnmp_mibs` because it can
# cause permission problems when opening files at relative path
defaultMiscMibs = ''
cpq_mibs_path = os.path.dirname(os.path.abspath(__file__))
cpq_mibs_path = os.path.join(cpq_mibs_path, "cpqdisk_mibs")
mBuilder = builder.MibBuilder()
mBuilder = MibBuilder()
mBuilder.addMibSources(builder.DirMibSource(cpq_mibs_path))
mibBuilder = mBuilder.loadModules('CPQIDA-MIB', 'CPQSCSI-MIB')
mibViewController = view.MibViewController(mibBuilder)