[HCoop-Discuss] SVN security issues
Marcus Rueckert
darix at web.de
Mon Nov 6 05:45:09 EST 2006
On 2006-11-06 02:25:59 -0800, Karl Chen wrote:
> Hi Marcus, I may have been unclear, but the issue is www-data not
> trusting the user, not that the user wants to run the script as
> himself.
why is this an issue? in a clean setup neither www-data nor the user
should be able to write _any_ hook scripts. so now we have all hook
scripts are owned by root. that means every hook script got a review.
no hook script is writable during the execution of the script.
so the only remaining attack vector might be "sudo".
> You are right that Linux does not allow setuid shebang scripts and
> that one solution to that issue is to use sudo, however this does
> not solve the issue of not trusting the user.
>
> On this server, all users have regular shell accounts so running
> the hook under the user account is OK.
with my proposal the default hook script would be a stub that calls the
actual hook script with "sudo" so the www-data part is pretty trivial.
Shouldnt this solve your issue?
darix
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
www.opensuse.org
More information about the HCoop-Discuss
mailing list