Bugtraq mailing list archives
Re: Perforce client: security hole by design
From: The Fungi <fungi () yuggoth org>
Date: Fri, 5 Jan 2007 14:34:56 +0000
On Thu, Jan 04, 2007 at 08:03:34PM +0100, Ben Bucksch wrote: [...]
= Proposed fix = The problem at hand could be easily fixed by letting the client check out only in the current directory (or one specified by the user on the commandline or GUI, preferences stored locally), no matter what the server says. It may put files anywhere underneath that directory, but never higher or otherwise outside. It must never adhere to absolute paths from the server. This does require some changes to how client specs work, though.
[...] Having not used the product, it's hard to say, but it sounds like chrooting the client differently for each project on which you're using it would be a suitable hack to provide a workaround, if a slightly inefficient one. Of course, I agree this is no substitute for fixing the application design (and likewise the behavior of the developers responsible). -- { IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657); SMTP(fungi () yuggoth org); IRC(fungi () irc yuggoth org#ccl); ICQ(114362511); AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi () yuggoth org); MUD(fungi () katarsis mudpy org:6669); WWW(http://fungi.yuggoth.org/); }
Current thread:
- Perforce client: security hole by design Ben Bucksch (Jan 04)
- Re: Perforce client: security hole by design The Fungi (Jan 08)
- Re: Perforce client: security hole by design Crispin Cowan (Jan 11)