From: Rene Herman <rene.herman@keyaccess.nl>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: Steffen Prohaska <prohaska@zib.de>,
Johannes Sixt <johannes.sixt@telecom.at>,
git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH] Set up argv0_path correctly, even when argv[0] is just the basename
Date: Sat, 26 Jul 2008 17:19:57 +0200 [thread overview]
Message-ID: <488B409D.40709@keyaccess.nl> (raw)
In-Reply-To: <alpine.DEB.1.00.0807261709090.26810@eeepc-johanness>
On 26-07-08 17:10, Johannes Schindelin wrote:
> Hi,
>
> On Sat, 26 Jul 2008, Rene Herman wrote:
>
>> On 26-07-08 16:14, Johannes Schindelin wrote:
>>
>>> When the program 'git' is in the PATH, the argv[0] is set to the
>>> basename. However, argv0_path needs the full path, so add a function
>>> to discover the program by traversing the PATH manually.
>> While not having read the context for this, this ofcourse sounds like a huge
>> gaping race-condition. If applicable here (as said, did not read context) you
>> generally want to make sure that there's no window that a path could be
>> replaced -- while perhaps not here, that's often the kind of thing that
>> security attacks end up abusing.
>
> Yeah, and that's why you would carefully time your attack just in between
> the command invocation and the discovery of argv[0] in the PATH.
>
> Rather than replacing the 'git' program with an infected version right
> away.
Adding to the PATH is generally not disallowed by user level security.
Replacing the GIT binary generally is.
Sure maybe it's not much of a problem here; as said, I didn't read the
context and am not a GIT person. Just commented on a git-user list when
this was the next message on the list. Though a heads-up might still be
in order. If it wasn't useful -- so be it, but even making a command do
something different than a user expected can have serious implications,
for example in this case for the tree they are working on.
Rene.
next prev parent reply other threads:[~2008-07-26 15:18 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-26 9:41 [PATCH] Modify mingw_main() workaround to avoid link errors Steffen Prohaska
2008-07-26 13:17 ` Johannes Schindelin
2008-07-26 16:07 ` Steffen Prohaska
2008-07-26 14:14 ` [PATCH] Set up argv0_path correctly, even when argv[0] is just the basename Johannes Schindelin
2008-07-26 14:54 ` Rene Herman
2008-07-26 15:10 ` Johannes Schindelin
2008-07-26 15:19 ` Rene Herman [this message]
2008-07-26 15:35 ` Johannes Schindelin
2008-07-26 15:53 ` Rene Herman
2008-07-26 17:31 ` Junio C Hamano
2008-07-26 17:42 ` Johannes Schindelin
2008-08-03 20:25 ` Jan Hudec
2008-08-03 20:43 ` Junio C Hamano
2008-07-26 20:37 ` [PATCH] Modify mingw_main() workaround to avoid link errors Johannes Sixt
2008-07-26 21:36 ` Steffen Prohaska
2008-07-27 19:24 ` Johannes Sixt
2008-07-29 4:46 ` Steffen Prohaska
2008-07-29 8:33 ` Johannes Sixt
2008-07-29 19:46 ` Steffen Prohaska
2008-08-03 19:55 ` Johannes Sixt
2008-08-03 21:21 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=488B409D.40709@keyaccess.nl \
--to=rene.herman@keyaccess.nl \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=johannes.sixt@telecom.at \
--cc=prohaska@zib.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).