On Saturday 04 December 2010 17:36:02 Roger Leigh wrote:
> severity 601043 important
> merge 601043 605939
> thanks
>
> On Sat, Dec 04, 2010 at 03:25:00PM -0500, Nelson Elhage wrote:
> > As of schroot commit 8c1c93708397bc08519a9415da96fbdd9e26315e
> > (released with version 1.4.9), chroots with periods in their name no
> > longer work.
> >
> > I personally find chroot names with dots useful, since I keep chroots
> > around as build/test environments for different versions of various
> > pieces of software, and I name them after the software version
> > (x.y.z).
> >
> > I've attached a patch which adds '.' back in to is_valid_sessionname.
>
> Thanks for the patch. I am planning to relax the restriction shortly,
> but it does need some checking of other parts of the codebase to
> ensure we aren't opening up a security hole (which is why we restricted
> the allowed characters).
>
> A leading '.' is particularly troublesome since it would allow one
> to overwrite files on the host system with a session name containing
> "../../" etc. For this reason, we would need to use
>
> static regex file_namespace("^[a-zA-Z0-9][a-zA-Z0-9_.-]*$");
>
> in place of:
>
> static regex file_namespace("^[a-zA-Z0-9.][a-zA-Z0-9_.-]*$");
>
> We already restrict the use of '/', so this one isn't too likely at
> present, but there were some other cases I wasn't so sure about.
> Once I've checked, I'll relax the restriction.
>
>
> Regards,
> Roger
As I understand this, a valid chroot name should be a string in a language of
all strings generated by a regular expression [a-zA-Z0-9_.-]+ which excludes
the strings '.' and '..'.
Perhaps the regular expression used should be:
static regex
file_namespace("^([.]{2}[a-zA-Z0-9_.-]+|[.]?[a-zA-Z0-9_-][a-zA-Z0-9_.-]*)$");
I've attached a patch that can be used to test this regular expression as well
as describe the DFA used to construct this regular expression.
--
Regards,
Andres Mejia
valid-chroot-name
Description: Perl program
