fetch extension - use local filename from content-disposition
barney at databus.com
Thu Dec 29 21:39:20 PST 2005
On Thu, Dec 29, 2005 at 10:04:03PM -0500, Martin Cracauer wrote:
> The security implications are about the same as for the base
> functionality. Any filename in the current directory can be wiped out
> if you fetch or wget and a URL redirects to another URL which leads to
> a filename that matches.
If fetch uses a redirected name as its local filename it is seriously
broken and must be fixed. The manpage does not mention it.
> The default behavior already *is* that the sending server has control
> over your local naming.
What does the security officer have to say about that, if true?
> I will forbit "/" to appear in the suggested filename, though.
Remember that the check must be made after any decoding of %xx et al.
But no check will save the gullible from creating .shosts in $HOME or
overwriting .profile .
That's why I believe the whole thing is a bad idea.
Barney Wolff http://www.databus.com/bwresume.pdf
I never met a computer I didn't like.
More information about the freebsd-current