wangbo/ComfyUI
1
0
Fork 0
mirror of https://github.com/comfyanonymous/ComfyUI.git synced 2026-03-28 20:43:32 +08:00
Code Issues Actions 15 Packages Projects Releases Wiki Activity

fix: validate socket file type before removal and tighten permissions

Browse Source 
- Check file type with stat.S_ISSOCK before unlinking to prevent
  accidental deletion of non-socket files
- Change socket permissions from 0o666 to 0o660 for better security
This commit is contained in:
hanli 2026-02-28 13:47:56 +08:00
parent 5e662fedc6
commit 3ef720c87e
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
server.py
View File

@ -1,5 +1,6 @@
import os import os
import sys import sys
import stat
import asyncio import asyncio
import traceback import traceback
import time import time
@ -1229,11 +1230,14 @@ class PromptServer():
if verbose: if verbose:
logging.info("Starting server\n") logging.info("Starting server\n")
if os.path.exists(unix_socket): if os.path.lexists(unix_socket):
st_mode = os.lstat(unix_socket).st_mode
if not stat.S_ISSOCK(st_mode):
raise RuntimeError(f"Refusing to remove non-socket path: {unix_socket}")
os.unlink(unix_socket) os.unlink(unix_socket)
site = web.UnixSite(runner, unix_socket) site = web.UnixSite(runner, unix_socket)
await site.start() await site.start()
os.chmod(unix_socket, 0o666) os.chmod(unix_socket, 0o660)
self.address = unix_socket self.address = unix_socket
self.port = None self.port = None
self.unix_socket = unix_socket self.unix_socket = unix_socket