Thread overview
[dmd-internals] Tighten security on file imports
Feb 21, 2010
Leandro Lucarella
Feb 22, 2010
Walter Bright
Feb 22, 2010
Walter Bright
Feb 22, 2010
Leandro Lucarella
February 20, 2010
Hi, I just saw the changeset 389[1], and I think this is going the wrong way. Security should be tightened, but trying to keep the restrictions on files as much as possible (not the other way).

What is the point of not allowing, for example, "+", "-", " " and a whole lot of harmless chars? I really can't understand that change.

Related to this is bug 3420[2] (with a partial, Linux/Posix-only, patch written by me), which tries to keep security while loosening restrictions.

You even accept "." chars in the name (in the dumb check for valid
characters), which is the most harmful char that ever existed =)


[1] http://www.dsource.org/projects/dmd/changeset/389
[2] http://d.puremagic.com/issues/show_bug.cgi?id=3420

-- 
Leandro Lucarella (AKA luca)                     http://llucax.com.ar/
----------------------------------------------------------------------
GPG Key: 5F5A8D05 (F8CD F9A7 BF00 5431 4145  104C 949E BFB6 5F5A 8D05)
----------------------------------------------------------------------
February 21, 2010
I think your patch is good for Posix, but not for Windows. I'll leave the existing code for Windows. I agree it's more restrictive than necessary, but I don't know all the tricks people use on these things, so I thought it best to err on the safe side.

February 21, 2010
I did some googling on this, apparently this is not an easy fix on any system other than Linux. Changeset 396 for more details.

February 22, 2010
Walter Bright, on February 21 at 23:01 you wrote to me:
> I did some googling on this, apparently this is not an easy fix on any system other than Linux. Changeset 396 for more details.

Fair enough. Thank you.

-- 
Leandro Lucarella (AKA luca)                     http://llucax.com.ar/
----------------------------------------------------------------------
GPG Key: 5F5A8D05 (F8CD F9A7 BF00 5431 4145  104C 949E BFB6 5F5A 8D05)
----------------------------------------------------------------------
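
The two approaches argued over in this thread, a character restriction versus resolving the path and checking where it lands, side by side as an added example. This is not dmd's code and not the patch from bug 3420 (neither is shown on this page): `charset_ok` is a constructed filter, `contained` assumes the POSIX `realpath` call, and every name and path is hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <ctype.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* Constructed character filter (an assumption, not dmd's rule): alnum, '_', '.'. */
int charset_ok(const char *s) {
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && *s != '_' && *s != '.') return 0;
    return 1;
}

/* 1 only if base/name exists and its canonical path lies strictly inside base. */
int contained(const char *base, const char *name) {
    char joined[PATH_MAX], rbase[PATH_MAX], rfile[PATH_MAX];
    if (snprintf(joined, sizeof joined, "%s/%s", base, name) >= (int)sizeof joined) return 0;
    if (!realpath(base, rbase) || !realpath(joined, rfile)) return 0;
    size_t n = strlen(rbase);
    /* The '/' after the prefix stops /x/import from matching /x/import2/f. */
    return strncmp(rbase, rfile, n) == 0 && rfile[n] == '/';
}

/* Constructed tree: <tmp>/import/{ok.txt,"a+b -c.txt"} and <tmp>/secret.txt. */
const char *make_tree(void) {
    static char base[PATH_MAX];
    char tmp[] = "/tmp/importdemoXXXXXX", p[PATH_MAX];
    const char *files[] = {"import/ok.txt", "import/a+b -c.txt", "secret.txt"};
    if (!mkdtemp(tmp)) return NULL;
    snprintf(base, sizeof base, "%s/import", tmp);
    if (mkdir(base, 0700) != 0) return NULL;
    for (int i = 0; i < 3; i++) {
        snprintf(p, sizeof p, "%s/%s", tmp, files[i]);
        FILE *f = fopen(p, "w");
        if (!f) return NULL;
        fclose(f);
    }
    return base;   /* import directory, or NULL above on failure */
}

int main(void) {
    const char *names[] = {"ok.txt", "a+b -c.txt", "..", "../secret.txt"};
    const char *base = make_tree();
    for (int i = 0; base && i < 4; i++)
        printf("%-14s charset=%d contained=%d\n", names[i],
               charset_ok(names[i]), contained(base, names[i]));
    return base ? 0 : 1;
}
```

The name with "+", "-" and a space fails the character filter yet resolves inside the import directory, while ".." passes the filter and resolves outside it.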