Re: [dev][project] soap - a simple xdg-open replacement

From: Chris Down <chris_AT_chrisdown.name>
Date: Sun, 4 May 2014 18:55:25 +0100

FRIGN writes:
> If you mess up your damn soap-config.h, you almost deserve to get your
> bloody hard drive wiped.
> I designed soap to handle user input safely in the manner of that the
> person who configures the program knows what he is dealing with.
>
> There's no denying you can exploit this being the one to configure the
> program, if you intentionally circumvent the security measures provided
> by it.
>
> I would congratulate you on stating the obvious, if you wouldn't make
> it appear as if soap was some bug-ridden, exploitable, insecure
> program, which it definitely isn't.

You appear to have not understood my concern -- this has nothing to do
with writing an obviously insecure config.h; to anyone writing one, the
following seems perfectly reasonable because there is no documented
reason that it should not be:

    foo '%s'

In reality, however, because there is no check if we are already in a
single quoted block when doing the quoting of the filename, this happens
when encountering a file named "; shutdown;.jpg":

    foo ''; shutdown;.jpg''

If my concern was about passing strings to commands that run arbitrary
commands, then obviously I would not have been talking about the
problems with using system() in my first post (such an issue is present
in any method of execution).

If this should be like this, then it should definitely be documented
(which right now it is not).

Received on Sun May 04 2014 - 19:55:25 CEST
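
The quoting problem described in the message above can be caught when the configuration is read. The following is an added example, not code from soap or from either poster: `placeholder_ctx` and `expand` are hypothetical names, and `expand` only models the behaviour the message describes (the filename is wrapped in single quotes and substituted for `%s`).

```c
#include <stdio.h>
#include <string.h>

/* Shell quote state of a command template at the point where %s appears. */
enum ctx { CTX_BARE, CTX_SINGLE, CTX_DOUBLE, CTX_NONE };

/* Walk the template roughly as sh would, tracking quote state up to the first %s. */
enum ctx placeholder_ctx(const char *t)
{
    enum ctx q = CTX_BARE;
    for (; *t; t++) {
        if (q == CTX_SINGLE) {               /* inside '...' only ' is special */
            if (*t == '\'') { q = CTX_BARE; continue; }
        } else if (*t == '\\' && t[1]) {     /* backslash escapes the next character */
            t++;
            continue;
        } else if (*t == '\'' && q == CTX_BARE) {
            q = CTX_SINGLE;
            continue;
        } else if (*t == '"') {
            q = (q == CTX_DOUBLE) ? CTX_BARE : CTX_DOUBLE;
            continue;
        }
        if (t[0] == '%' && t[1] == 's')
            return q;
    }
    return CTX_NONE;                         /* template has no placeholder */
}

/* Assumed model of the quoting step: wrap the filename in single quotes,
 * then substitute it for %s. Returns a static buffer, or NULL without %s. */
const char *expand(const char *tmpl, const char *file)
{
    static char out[512];
    const char *p = strstr(tmpl, "%s");
    if (!p)
        return NULL;
    snprintf(out, sizeof out, "%.*s'%s'%s", (int)(p - tmpl), tmpl, file, p + 2);
    return out;
}

int main(void)
{
    const char *tmpls[] = { "foo %s", "foo '%s'" };  /* constructed sample rules */
    for (size_t i = 0; i < 2; i++)
        printf("%-10s -> %-26s %s\n", tmpls[i], expand(tmpls[i], "; shutdown;.jpg"),
               placeholder_ctx(tmpls[i]) == CTX_BARE ? "ok" : "REJECT: %s is quoted");
    return 0;
}
```

A configuration loader could refuse any rule for which `placeholder_ctx` returns something other than `CTX_BARE`, so that the program's own quoting is the only quoting applied to the filename.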
