HEADS UP: Importing csup into base
Kris Kennaway
kris at obsecurity.org
Wed Mar 1 13:17:10 PST 2006
On Wed, Mar 01, 2006 at 04:19:32PM -0500, Wesley Shields wrote:
> On Wed, Mar 01, 2006 at 03:33:41PM -0500, Lowell Gilbert wrote:
> > Scott Long <scottl at samsco.org> writes:
> >
> > > Maxime Henrion wrote:
> > > > Hey all,
> > > > I have released a new snapshot of csup a few minutes ago,
> > >
> > > [...]
> > >
> > > > - Executes (shell commands sent by the server, even more rarely
> > > > used),
> > >
> > > Are you joking?
> >
> > Are you asking whether he's joking about (1) the idea of ever
> > implementing it, (2) the fact that he hasn't done it yet, or
> > (3) the idea that it's rarely used? All of those sound
> > reasonable to me...
>
> I'm questioning (1) myself. This just seems like a bad idea from a
> security perspective. Of course, some kind of sanitization could
> mitigate the issue.
Let's not lose sight of the fact that whoever runs the cvsup server
already owns your machine, since they're giving you unauthenticated
source code [1].
Kris
[1] Please don't take this as an invitation to talk about how Someone
Should Fix This, since it's not on the table until Someone first
writes csupd :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20060301/6b5117ee/attachment.bin
More information about the freebsd-arch
mailing list