[Monotone-devel] popen from a hook

monotone-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Monotone-devel] popen from a hook

From:	William Uther
Subject:	[Monotone-devel] popen from a hook
Date:	Sun, 19 Nov 2006 13:53:08 +1100

Hi,

After a bit of digging I discovered that io.popen has beendisabled in mtn's lua because it is considered a security risk (ifyou pass a file name into it, then it might do weird things in theshell). I find this ironic, because the workaround for lack of apopen in my use-case is to save a password to a file in cleartext...also a security a risk.


  So, I've made two patches.  The first does two things:

- adds some error messages to make it clear that popen wasdeliberately disabled.- leaves io.unsafepopen as a replacement for popen. This makesit clear that it is considered a security risk in some situations,but allows its use where there is no security problem (e.g. if you'renot passing versioned filenames on the command line).

The second version leaves 'popen' available unrenamed, but wrapsit in a fairly strict check to make sure it isn't a security hole (nocharacters except [a-zA-Z0-9 ] are allowed in the command).

You only need to apply one of these patches. If you apply both,they'll conflict :).


Be well,

Will       :-}

lua_hooks.cc-1.diff
Description: Binary data

lua_hooks.cc-2.diff
Description: Binary data

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-devel] popen from a hook, William Uther <=
- Re: [Monotone-devel] popen from a hook, Nathaniel Smith, 2006/11/18
  - Re: [Monotone-devel] popen from a hook, Brian May, 2006/11/19

Prev by Date: Re: [Monotone-devel] Value too large for defined data type. Now what?
Next by Date: Re: [Monotone-devel] popen from a hook
Previous by thread: [Monotone-devel] Value too large for defined data type. Now what?
Next by thread: Re: [Monotone-devel] popen from a hook
Index(es):
- Date
- Thread