From owner-freebsd-current@FreeBSD.ORG Wed Mar 1 21:17:10 2006 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C52D016A420; Wed, 1 Mar 2006 21:17:10 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8034543D49; Wed, 1 Mar 2006 21:17:10 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196]) by elvis.mu.org (Postfix) with ESMTP id 4FE191A4DCD; Wed, 1 Mar 2006 13:17:10 -0800 (PST) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 3492352529; Wed, 1 Mar 2006 16:17:09 -0500 (EST) Date: Wed, 1 Mar 2006 16:17:08 -0500 From: Kris Kennaway To: Wesley Shields Message-ID: <20060301211708.GA30508@xor.obsecurity.org> References: <20060301170306.GZ55746@elvis.mu.org> <4405F673.8060907@samsco.org> <44mzg9ucpm.fsf@be-well.ilk.org> <20060301211932.GA42815@csh.rit.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline In-Reply-To: <20060301211932.GA42815@csh.rit.edu> User-Agent: Mutt/1.4.2.1i Cc: arch@freebsd.org, current@freebsd.org, Lowell Gilbert Subject: Re: HEADS UP: Importing csup into base X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Mar 2006 21:17:10 -0000 --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Mar 01, 2006 at 04:19:32PM -0500, Wesley Shields wrote: > On Wed, Mar 01, 2006 at 03:33:41PM -0500, Lowell Gilbert wrote: > > Scott Long writes: > >=20 > > > Maxime Henrion wrote: > > > > Hey all, > > > > I have released a new snapshot of csup a few minutes ago, > > >=20 > > > [...] > > >=20 > > > > - Executes (shell commands sent by the server, even more rarely > > > > used), > > >=20 > > > Are you joking? > >=20 > > Are you asking whether he's joking about (1) the idea of ever > > implementing it, (2) the fact that he hasn't done it yet, or=20 > > (3) the idea that it's rarely used? All of those sound=20 > > reasonable to me... >=20 > I'm questioning (1) myself. This just seems like a bad idea from a > security perspective. Of course, some kind of sanitization could > mitigate the issue. Let's not lose sight of the fact that whoever runs the cvsup server already owns your machine, since they're giving you unauthenticated source code [1]. Kris [1] Please don't take this as an invitation to talk about how Someone Should Fix This, since it's not on the table until Someone first writes csupd :-) --7JfCtLOvnd9MIVvH Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (FreeBSD) iD8DBQFEBg9UWry0BWjoQKURAuYdAKDfEiMo3lZZzE9MzVDVJo0GdRie8gCcDqCP 4FR7SnSvsiB0CvWZNxPzyAQ= =WyeE -----END PGP SIGNATURE----- --7JfCtLOvnd9MIVvH--