Hi Ludovic,
* Ludovic Rousseau <[EMAIL PROTECTED]> [2008-10-28 12:27]:
> On Mon, Oct 27, 2008 at 5:03 PM, Nico Golde <[EMAIL PROTECTED]> wrote:
> > * Ludovic Rousseau <[EMAIL PROTECTED]> [2008-10-27 16:47]:
> >> On Mon, Oct 27, 2008 at 1:06 PM, Matthias Wandel <[EMAIL PROTECTED]> wrote:
> >> > So what is the security vulnerability?
> >> >
> >> > You can use it to delete files, but why not just use "rm"?
> >>
> >> If I understand correctly we have two problems (from [1])
> >> 2 - unsafe temp file creation
[...]
> >> > Unless of course you run it as setuid root, but why would you go out of
> >> > your way to do that?
> >>
> >> A solution would be to use one of the exec(3) system calls instead of
> >> system(3).
> >
> > Yes or to filter the string.
>
> I may try to implement a filter mechanism.
> I think the idea is to stop the execution with an error message if a
> special character is found.
> What would be the list of normal characters? [a-z][A-Z][0-9][-.]?
> How to filter file names in UTF-8? with accents or non ASCII characters?

That's the problem, that is possible but there are a lot of
problems that don't arise when using exec.

> An easier solution is to refuse special characters like & and ; but
> that may not completely solve the problem.
> I need help here.

I can look into this probably in the next days.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
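The system(3) versus exec(3) difference discussed in this thread, as an added example (not code from the thread or from the program under discussion). The helper name `run_with_name`, the constructed sample file name and the use of `printf` as a stand-in command are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample name: UTF-8 accent plus a shell metacharacter. */
static const char SAMPLE[] = "caf\xc3\xa9.jpg; echo INJECTED";

/* Run `printf %s <name>`, capturing stdout into out (NUL-terminated).
 * via_shell=1 mimics system(3): the string goes to "/bin/sh -c".
 * via_shell=0 uses exec(3): name is one argv element, no shell parses it.
 * Returns the child's exit status, or -1 on error. */
int run_with_name(int via_shell, const char *name, char *out, size_t outlen)
{
    int fds[2], status;
    char cmd[512];
    size_t used = 0;
    ssize_t n;
    pid_t pid;

    if (outlen == 0 || pipe(fds) < 0)
        return -1;
    pid = fork();
    if (pid == 0) {                       /* child: stdout -> pipe */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]); close(fds[1]);
        if (via_shell) {
            snprintf(cmd, sizeof cmd, "printf %%s %s", name);
            execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        } else {
            execlp("printf", "printf", "%s", name, (char *)NULL);
        }
        _exit(127);                       /* exec failed */
    }
    close(fds[1]);                        /* parent keeps only the read end */
    while (used < outlen - 1 &&
           (n = read(fds[0], out + used, outlen - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    close(fds[0]);
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    char buf[256];
    for (int sh = 0; sh <= 1; sh++)
        if (run_with_name(sh, SAMPLE, buf, sizeof buf) >= 0)
            printf("%s: [%s]\n", sh ? "sh -c" : "argv ", buf);
}
```

With the argv form the name comes back byte for byte, accents included, so no character whitelist is needed; through `sh -c` the text after `;` is run as a second command.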