Michael G Schwern wrote:
> Shlomi Fish wrote:
>>> * What is the problem with world writeable files in a distro?
>> Let's suppose Makefile.PL is world-writable. While the distro is being
>> unpacked, a malicious user writes something like:
>>
>> {{{
>> system('rm -fr $HOME');
>> }}}
>>
>> to it, and after you come to the "perl Makefile.PL" stage - you lose
>> your home-directory. ;-)
> 
> Run that by me again how the Makefile.PL being world-writable has any effect
> on that?  If a Makefile.PL does an "rm -rf $HOME" and you run it, it doesn't
> matter what permission flags are on the file.  Your home directory is gone.

I understand the security issue now, sorry.  In that case I would agree that,
in general, it's a security hole.  However...

Some malicious user, who has somehow gotten an account on your machine, and
can see inside your .cpanplus build directory (which he shouldn't because it
should only be readable by you), might at just the right exact moment when
you're about to run THE ALREADY UNTRUSTED CODE replace it with a malicious 
attack.

Instead of, oh I don't know, just uploading a tarball to CPAN that already has
a malicious Makefile.PL in it and nuking the whole CPAN Testers network.

Like I said, worrying about the locks when the door is open.


-- 
94. Crucifixes do not ward off officers, and I should not test that.
    -- The 213 Things Skippy Is No Longer Allowed To Do In The U.S. Army
           http://skippyslist.com/list/

Reply via email to