tools/examples/svnserve-sgid.c has *serious* security hole

From: Max Bowsher <maxb1_at_ukf.net>
Date: 2006-08-17 14:18:01 CEST

tools/examples/svnserve-sgid.c is a wrapper that arranges to execute
svnserve with a changed real and effective gid.

Problem: It does not sanitize args at all.

This means that someone can use --tunnel-user to:
  * lie about their identity
  * bypass authz rules

Ouch.

Max.

Received on Thu Aug 17 14:19:00 2006
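
Added example, not part of the original mail or of the Subversion source: one way a setgid wrapper can avoid the problem described above is to accept only an exact-match allowlist of arguments and to exec svnserve with a fixed argv. The path REAL_SVNSERVE and the helper first_rejected_arg are assumptions made for illustration.

```c
/* Added example: allowlist check for a setgid svnserve wrapper. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed install path of the real binary; adjust for the local system. */
#define REAL_SVNSERVE "/usr/local/libexec/svnserve.real"
/* Only tunnel mode is accepted from the caller. Matches are exact, so
   "--tunnel-user", "--tunnel-user=alice" and "-tX" all fail the check. */
static const char *const allowed_args[] = { "-t", "--tunnel" };

/* Return 0 if every caller-supplied argument is on the allowlist,
   otherwise the index in argv of the first rejected argument. */
int first_rejected_arg(int argc, char *const argv[])
{
  int i;
  size_t j;
  for (i = 1; i < argc; i++)
    {
      int ok = 0;
      for (j = 0; j < sizeof(allowed_args) / sizeof(allowed_args[0]); j++)
        if (strcmp(argv[i], allowed_args[j]) == 0)
          ok = 1;
      if (!ok)
        return i;
    }
  return 0;
}

int main(int argc, char **argv)
{
  /* Fixed argv: nothing supplied by the caller reaches svnserve. */
  char *const safe_argv[] = { "svnserve", "-t", NULL };
  int bad = first_rejected_arg(argc, argv);
  if (bad)
    {
      fprintf(stderr, "svnserve wrapper: argument %d not permitted\n", bad);
      return 1;
    }
  /* Make the effective (setgid) group the real group as well. */
  if (setgid(getegid()) == -1)
    {
      perror("setgid");
      return 1;
    }
  execv(REAL_SVNSERVE, safe_argv);
  perror("execv");
  return 1;
}
```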

This is an archived mail posted to the Subversion Dev mailing list.