-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=5898
Yes, you read that right - an open bug with only a 4-digit ID. 9 years and 236 days old. > There should be an option to disable `dangerous' operations like > writing files and executing programs, and another to disable reading > files too. > > Dangerous builtins include (according to the Info page): > debugfile syscmd esyscmd sysval maketemp > > File reading builtins include: > include sinclude The idea might be nice for m4 2.0, but is not worth adding to the 1.4.x branch. My take on what a --secure option would disable: debugfile (it can overwrite arbitrary existing files) syscmd (it invokes arbitrary shell commands) esyscmd (likewise) maketemp (invoked enough times, it can form a denial-of-service by creating lots of files) builtin (at least, builtin on any of the restricted commands) However, I see no reason to disable sysval (although it always results in 0 if you don't have [e]syscmd). And I don't see how reading files can be a security issue, since the person executing m4 can read those files from the command line in the first place, so include, sinclude, and undivert should remain active. - -- Life is short - so eat dessert first! Eric Blake [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (Cygwin) Comment: Public key at home.comcast.net/~ericblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEzsTL84KuGfSFAYARAphRAJ4vPiWem6LKdqKRYUi7OyuXMahLAwCeIA/Z TgzRqi3Kgx70As5MvgHa9t8= =z4Ic -----END PGP SIGNATURE----- _______________________________________________ Bug-m4 mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-m4
