On 2/22/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
>
> In the message dated: Wed, 22 Feb 2006 17:17:21 EST,
> The pithy ruminations from Dan Pritts on
> <Re: [BackupPC-users] escaping command line options> were:
> => You might look into SELinux capabilities if you're running Linux.
> =>
> => Solaris 10 has some similar features:
> =>  http://www.sun.com/bigadmin/xperts/sessions/16_prm/
> =>
> => more as an answer to your question, try implementing this thing
> => in perl.  It's better suited to the kind of string processing you're
> => doing.
> =>
> => Maybe this:
> =>
> =>      #!/usr/bin/perl -w
> =>
> =>      $cmd=$ENV{'SSH_ORIGINAL_COMMAND'};
> =>
> =>      if ( $cmd =~ /[*|?{~\(\[\$\`]/ ) {
> =>              die "error, unallowed character in command string\n"
>
> It may be better to specify the list of allowed characters, rather than the
> reverse. Try:
>         if ( $cmd !~ /^[\w\d\.-]+$/ ) {
> to allow just letters, numbers, underscore (part of \w), dash, and period.
>
> =>      }
> =>
> =>      if ( $cmd =~ /^\/usr\/bin\/rsync --server/ ) {
> =>              # for more security, split this into an array and exec
> =>              # the array, that will prevent it from being run by a subshell
> =>              exec "$cmd";
> =>      }
> =>
> =>      die "error, command didn\'t start  /usr/bin/rsync --server";
>
> In thinking about this more, I'd like to get a clearer idea of the goal of the
> script. If I understand it correctly, the intent is to allow untrusted users to
> initiate backups of subsets of a client machine on which they have an account.
>

The goal is to have -on the backup server- an account who possesses an
ssh key that only allows them access to perform the backup command on
a remote machine.  If the backup process needs access to files outside
of the remote machine user's context, then sudo must also be used in
conjunction with the command= option in ssh.

> If this is correct, then here's an alternative proposal....
>
> Have the wrapper script simply be something like:
>         #! /bin/sh
>         /usr/bin/rsync --server --port 10873 $*
> (Obviously, the corresponding backup process on the BackupPC server will need
> to include the same port specification.)
>

You are not doing anything with the $SSH_ORIGINAL_COMMAND which is the
only way you can access the information passed on the command-line to
ssh, so I don't guess I'm following you.

> However, the ssh connection, and the script, will be run as the untrusted user,
> not as root. In this case, the user will only be able to backup files that
> they'd otherwise have permission to read from the shell.
>
> The question of allowing users to restore only their own files, without the
> ability to access files that they couldn't read from the shell, is another
> problem...
>
> Mark
>
>
> =>
> => This probably has syntax errors and i've probably missed some
> => metacharacter that you should exclude.
> =>
> => danno
> =>
>
> ----
> Mark Bergman
> [EMAIL PROTECTED]
> Seeking a Unix/Linux sysadmin position local to Philadelphia or via telecommuting
>
> http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=bergman%40merctech.com
>
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/backuppc-users
> http://backuppc.sourceforge.net/
>
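
The wrapper discussed in this thread, as an added example that is not part of the original messages: it checks SSH_ORIGINAL_COMMAND against an allowlist, requires the /usr/bin/rsync --server invocation, and execs the split argument vector with no subshell. The install path, the authorized_keys options shown and the extra allowlist characters (space, "/", "=") are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): forced-command wrapper for sshd.
# Hypothetical install path, referenced from the backup key's entry in
# authorized_keys on the client:
#   command="/usr/local/bin/rsync-only.sh",no-pty,no-port-forwarding ssh-rsa AAAA...
LC_ALL=C; export LC_ALL    # make the A-Z/a-z ranges below byte-exact

# Return 0 if the client-supplied command string is acceptable, 1 otherwise.
check_command() {
    case $1 in
        # Allowlist (assumed sufficient for rsync server arguments): letters,
        # digits, "_", ".", "/", "=", space and "-". Every shell metacharacter,
        # quote, tab and newline falls outside it and is rejected.
        ''|*[!A-Za-z0-9_./=' '-]*) return 1 ;;
    esac
    case $1 in
        # Exactly the rsync server invocation, alone or followed by arguments.
        '/usr/bin/rsync --server'|'/usr/bin/rsync --server '*) return 0 ;;
    esac
    return 1
}

# Validate, split into an argument vector and exec it with no shell involved.
run_command() {
    if ! check_command "$1"; then
        echo "error: command rejected" >&2
        return 1
    fi
    set -f          # no filename expansion while splitting
    IFS=' '         # split on spaces only
    set -- $1       # unquoted on purpose: word-split into "$@"
    exec "$@"
}

# sshd sets SSH_ORIGINAL_COMMAND only when the client asked for a command.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    run_command "$SSH_ORIGINAL_COMMAND" || exit 1
fi
```

With no client command the wrapper simply exits, so the key never yields an interactive shell.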