fetch extension - use local filename from content-disposition header

Martin Cracauer cracauer at cons.org
Thu Dec 29 19:04:09 PST 2005

Pawel Worach wrote on Fri, Dec 30, 2005 at 03:27:46AM +0100: 
> Sean Bryant wrote:
> > Barney Wolff wrote:
> > 
> >> On Thu, Dec 29, 2005 at 07:33:38PM -0500, Martin Cracauer wrote:
> >>  
> >>
> >>> I'm a bit rusty, so please point me to style mistakes in the appended
> >>> diff.
> >>> The following diff implements a "-O" option to fetch(1), which, when
> >>> set, will make fetch use a local filename supplied by the server in a
> >>> Content-Disposition header.
> >>>   
> >>
> >> Have you considered the security implications of this option?
> >>
> >>  
> >>
> > Its just an extra option. I'm sure the details could be summed up in the 
> > man page.
> I think what Barney means is that if you run fetch(1) as root and the 
> server returns the filename as "/sbin/init" bad things will happen.
> The data returned in Content-Disposition should be used with caution.

First, the option of off by default, only when you say "-O" it will be

The security implications are about the same as for the base
functionality.  Any filename in the current directory can be wiped out
if you fetch or wget and a URL redirects to another URL which leads to
a filename that matches.  

The default behavior already *is* that the sending server has control
over your local naming.

I will forbit "/" to appear in the suggested filename, though.

Martin Cracauer <cracauer at cons.org>   http://www.cons.org/cracauer/
FreeBSD - where you want to go, today.      http://www.freebsd.org/

More information about the freebsd-current mailing list