[ruby-core:61250] [ruby-trunk - Bug #9588] [Open] program name variables tainted

ruby-core@ruby-lang.org archive (unofficial mirror)
 help / color / mirror / Atom feed

* [ruby-core:61250] [ruby-trunk - Bug #9588] [Open] program name variables tainted
       [not found] <redmine.issue-9588.20140303090945@ruby-lang.org>
@ 2014-03-03  9:09 ` jrusnack
  2014-03-03  9:59 ` [ruby-core:61251] [ruby-trunk - Bug #9588] " shugo
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 5+ messages in thread
From: jrusnack @ 2014-03-03  9:09 UTC (permalink / raw)
  To: ruby-core

Issue #9588 has been reported by Jan Rusnacko.

----------------------------------------
Bug #9588: program name variables tainted
https://bugs.ruby-lang.org/issues/9588

* Author: Jan Rusnacko
* Status: Open
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
* ruby -v: 1.8.7, 1.9.3, 2.0.0
* Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
I have noticed inconsistency in taint flag of program name:

[jrusnack@dhcp-31-42 ruby-safe]$ cat tainted.rb
#!/usr/bin/env ruby
puts "$0:            #{$0}, tainted? #{$0.tainted?}"
puts "__FILE__:      #{__FILE__}, tainted? #{__FILE__.tainted?}"
puts "$PROGRAM_NAME: #{$PROGRAM_NAME}, tainted? #{$PROGRAM_NAME.tainted?}"

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.8.7
Using /home/jrusnack/.rvm/gems/ruby-1.8.7-p374

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? true
__FILE__:      ./tainted.rb, tainted? false
$PROGRAM_NAME: ./tainted.rb, tainted? true

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.9.3
Using /home/jrusnack/.rvm/gems/ruby-1.9.3-p484

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 2.0.0
Using /home/jrusnack/.rvm/gems/ruby-2.0.0-p353

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

-- 
http://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [ruby-core:61251] [ruby-trunk - Bug #9588] program name variables tainted
       [not found] <redmine.issue-9588.20140303090945@ruby-lang.org>
  2014-03-03  9:09 ` [ruby-core:61250] [ruby-trunk - Bug #9588] [Open] program name variables tainted jrusnack
@ 2014-03-03  9:59 ` shugo
  2014-03-03 10:59 ` [ruby-core:61252] " shyouhei
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 5+ messages in thread
From: shugo @ 2014-03-03  9:59 UTC (permalink / raw)
  To: ruby-core

Issue #9588 has been updated by Shugo Maeda.

Jan Rusnacko wrote:
> [jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
> $0:            ./tainted.rb, tainted? false
> __FILE__:      ./tainted.rb, tainted? true
> $PROGRAM_NAME: ./tainted.rb, tainted? false

I guess it's a regression introduced in r20656.
Or did you mean not to taint $0, Yugui?

----------------------------------------
Bug #9588: program name variables tainted
https://bugs.ruby-lang.org/issues/9588#change-45591

* Author: Jan Rusnacko
* Status: Open
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
* ruby -v: 1.8.7, 1.9.3, 2.0.0
* Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
I have noticed inconsistency in taint flag of program name:

[jrusnack@dhcp-31-42 ruby-safe]$ cat tainted.rb
#!/usr/bin/env ruby
puts "$0:            #{$0}, tainted? #{$0.tainted?}"
puts "__FILE__:      #{__FILE__}, tainted? #{__FILE__.tainted?}"
puts "$PROGRAM_NAME: #{$PROGRAM_NAME}, tainted? #{$PROGRAM_NAME.tainted?}"

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.8.7
Using /home/jrusnack/.rvm/gems/ruby-1.8.7-p374

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? true
__FILE__:      ./tainted.rb, tainted? false
$PROGRAM_NAME: ./tainted.rb, tainted? true

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.9.3
Using /home/jrusnack/.rvm/gems/ruby-1.9.3-p484

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 2.0.0
Using /home/jrusnack/.rvm/gems/ruby-2.0.0-p353

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

-- 
http://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [ruby-core:61252] [ruby-trunk - Bug #9588] program name variables tainted
       [not found] <redmine.issue-9588.20140303090945@ruby-lang.org>
  2014-03-03  9:09 ` [ruby-core:61250] [ruby-trunk - Bug #9588] [Open] program name variables tainted jrusnack
  2014-03-03  9:59 ` [ruby-core:61251] [ruby-trunk - Bug #9588] " shugo
@ 2014-03-03 10:59 ` shyouhei
  2019-07-12  2:01 ` [ruby-core:93699] [Ruby master Bug#9588] " merch-redmine
  2019-10-13 17:19 ` [ruby-core:95314] " merch-redmine
  4 siblings, 0 replies; 5+ messages in thread
From: shyouhei @ 2014-03-03 10:59 UTC (permalink / raw)
  To: ruby-core

Issue #9588 has been updated by Shyouhei Urabe.

My expectation to tainted.rb output is what 1.8.7 outputs.  This seems like a regression to me.

----------------------------------------
Bug #9588: program name variables tainted
https://bugs.ruby-lang.org/issues/9588#change-45592

* Author: Jan Rusnacko
* Status: Open
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
* ruby -v: 1.8.7, 1.9.3, 2.0.0
* Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
I have noticed inconsistency in taint flag of program name:

[jrusnack@dhcp-31-42 ruby-safe]$ cat tainted.rb
#!/usr/bin/env ruby
puts "$0:            #{$0}, tainted? #{$0.tainted?}"
puts "__FILE__:      #{__FILE__}, tainted? #{__FILE__.tainted?}"
puts "$PROGRAM_NAME: #{$PROGRAM_NAME}, tainted? #{$PROGRAM_NAME.tainted?}"

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.8.7
Using /home/jrusnack/.rvm/gems/ruby-1.8.7-p374

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? true
__FILE__:      ./tainted.rb, tainted? false
$PROGRAM_NAME: ./tainted.rb, tainted? true

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.9.3
Using /home/jrusnack/.rvm/gems/ruby-1.9.3-p484

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 2.0.0
Using /home/jrusnack/.rvm/gems/ruby-2.0.0-p353

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

-- 
http://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [ruby-core:93699] [Ruby master Bug#9588] program name variables tainted
       [not found] <redmine.issue-9588.20140303090945@ruby-lang.org>
                   ` (2 preceding siblings ...)
  2014-03-03 10:59 ` [ruby-core:61252] " shyouhei
@ 2019-07-12  2:01 ` merch-redmine
  2019-10-13 17:19 ` [ruby-core:95314] " merch-redmine
  4 siblings, 0 replies; 5+ messages in thread
From: merch-redmine @ 2019-07-12  2:01 UTC (permalink / raw)
  To: ruby-core

Issue #9588 has been updated by jeremyevans0 (Jeremy Evans).

Backport deleted (1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN)

It looks like `$0`, `__FILE__`, and `$PROGRAM_NAME` have been not tainted since 2.1.  I'm not sure if this is still considered a bug or not.

----------------------------------------
Bug #9588: program name variables tainted
https://bugs.ruby-lang.org/issues/9588#change-79317

* Author: jrusnack (Jan Rusnacko)
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 1.8.7, 1.9.3, 2.0.0
* Backport: 
----------------------------------------
I have noticed inconsistency in taint flag of program name:

[jrusnack@dhcp-31-42 ruby-safe]$ cat tainted.rb
#!/usr/bin/env ruby
puts "$0:            #{$0}, tainted? #{$0.tainted?}"
puts "__FILE__:      #{__FILE__}, tainted? #{__FILE__.tainted?}"
puts "$PROGRAM_NAME: #{$PROGRAM_NAME}, tainted? #{$PROGRAM_NAME.tainted?}"

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.8.7
Using /home/jrusnack/.rvm/gems/ruby-1.8.7-p374

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? true
__FILE__:      ./tainted.rb, tainted? false
$PROGRAM_NAME: ./tainted.rb, tainted? true

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.9.3
Using /home/jrusnack/.rvm/gems/ruby-1.9.3-p484

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 2.0.0
Using /home/jrusnack/.rvm/gems/ruby-2.0.0-p353

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

-- 
https://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [ruby-core:95314] [Ruby master Bug#9588] program name variables tainted
       [not found] <redmine.issue-9588.20140303090945@ruby-lang.org>
                   ` (3 preceding siblings ...)
  2019-07-12  2:01 ` [ruby-core:93699] [Ruby master Bug#9588] " merch-redmine
@ 2019-10-13 17:19 ` merch-redmine
  4 siblings, 0 replies; 5+ messages in thread
From: merch-redmine @ 2019-10-13 17:19 UTC (permalink / raw)
  To: ruby-core

Issue #9588 has been updated by jeremyevans0 (Jeremy Evans).

Status changed from Open to Closed

As tainting will be removed from Ruby 2.7, this can be closed.

----------------------------------------
Bug #9588: program name variables tainted
https://bugs.ruby-lang.org/issues/9588#change-82010

* Author: jrusnack (Jan Rusnacko)
* Status: Closed
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 1.8.7, 1.9.3, 2.0.0
* Backport: 
----------------------------------------
I have noticed inconsistency in taint flag of program name:

```
[jrusnack@dhcp-31-42 ruby-safe]$ cat tainted.rb
#!/usr/bin/env ruby
puts "$0:            #{$0}, tainted? #{$0.tainted?}"
puts "__FILE__:      #{__FILE__}, tainted? #{__FILE__.tainted?}"
puts "$PROGRAM_NAME: #{$PROGRAM_NAME}, tainted? #{$PROGRAM_NAME.tainted?}"

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.8.7
Using /home/jrusnack/.rvm/gems/ruby-1.8.7-p374

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? true
__FILE__:      ./tainted.rb, tainted? false
$PROGRAM_NAME: ./tainted.rb, tainted? true

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.9.3
Using /home/jrusnack/.rvm/gems/ruby-1.9.3-p484

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 2.0.0
Using /home/jrusnack/.rvm/gems/ruby-2.0.0-p353

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0:            ./tainted.rb, tainted? false
__FILE__:      ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false
```

-- 
https://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2019-10-13 17:19 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <redmine.issue-9588.20140303090945@ruby-lang.org>
2014-03-03  9:09 ` [ruby-core:61250] [ruby-trunk - Bug #9588] [Open] program name variables tainted jrusnack
2014-03-03  9:59 ` [ruby-core:61251] [ruby-trunk - Bug #9588] " shugo
2014-03-03 10:59 ` [ruby-core:61252] " shyouhei
2019-07-12  2:01 ` [ruby-core:93699] [Ruby master Bug#9588] " merch-redmine
2019-10-13 17:19 ` [ruby-core:95314] " merch-redmine

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).