[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] popen from a hook
From: |
William Uther |
Subject: |
[Monotone-devel] popen from a hook |
Date: |
Sun, 19 Nov 2006 13:53:08 +1100 |
Hi,
After a bit of digging I discovered that io.popen has been
disabled in mtn's lua because it is considered a security risk (if
you pass a file name into it, then it might do weird things in the
shell). I find this ironic, because the workaround for lack of a
popen in my use-case is to save a password to a file in cleartext...
also a security a risk.
So, I've made two patches. The first does two things:
- adds some error messages to make it clear that popen was
deliberately disabled.
- leaves io.unsafepopen as a replacement for popen. This makes
it clear that it is considered a security risk in some situations,
but allows its use where there is no security problem (e.g. if you're
not passing versioned filenames on the command line).
The second version leaves 'popen' available unrenamed, but wraps
it in a fairly strict check to make sure it isn't a security hole (no
characters except [a-zA-Z0-9 ] are allowed in the command).
You only need to apply one of these patches. If you apply both,
they'll conflict :).
Be well,
Will :-}
lua_hooks.cc-1.diff
Description: Binary data
lua_hooks.cc-2.diff
Description: Binary data
- [Monotone-devel] popen from a hook,
William Uther <=