Re: [exim-dev] Candidate patches for privilege escalation

Page principale
Supprimer ce message
Répondre à ce message
Auteur: David Woodhouse
Date:  
À: Phil Pennock
CC: exim-dev, Andreas Metzler
Sujet: Re: [exim-dev] Candidate patches for privilege escalation
On Wed, 2010-12-15 at 15:47 -0500, Phil Pennock wrote:
> On 2010-12-15 at 20:41 +0000, David Woodhouse wrote:
> > On Wed, 2010-12-15 at 19:22 +0100, Andreas Metzler wrote:
> > > <Mode proxy>
> > > Ian Jackson wrote on debian-devel on Tue, 14 Dec 2010:
> > > > Right. It should probably also refuse to read filenames matching
> > > > .* #* *# *~ *.tmp at the very least.
> > > >
> > > > You wouldn't want to edit your exim.conf to get rid of a security
> > > > problem and find that the attacker could just tell it to use the old
> > > > file !
> > > </proxy>
> >
> > Hm, very true.
> >
> > I don't want to hard-code things like that if we can avoid it.
> >
> > Should we make the TRUSTED_CONFIG_PREFIX_LIST into a list of regexes
> > instead of a list of prefixes?
>
> Most common-grade admins I encounter/interview have some difficulty with
> regular expressions. A list of prefices is nice and simple.


Well, if we turn the 'trusted configs' file into a list of regexes,
people would still be able to just treat it as a list of filenames. No
need to worry about it being a prefix or a regex or anything.

If you *want* to do something more, you can use a regex for it. And we
can provide a sample which disallows the backup files.

--
dwmw2