[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: tools/examples/svnserve-sgid.c has *serious* security hole

From: Eric Gillespie <epg_at_pretzelnet.org>
Date: 2006-08-18 02:13:58 CEST

Max Bowsher <maxb1@ukf.net> writes:

> tools/examples/svnserve-sgid.c is a wrapper that arranges to execute
> svnserve with a changed real and effective gid.
> Problem: It does not sanitize args at all.
> This means that someone can use --tunnel-user to:
> * lie about their identity
> * bypass authz rules
> Ouch.

This is for svn+ssh use, where either of two things is true:

1) You have a shell on the host and can run svnserve with any
   arguments you like.

2) You do not have a shell on the host, and the administrator
   controls the svnserve arguments in the authorized_keys file.

Eric Gillespie <*> epg@pretzelnet.org
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Aug 18 02:15:34 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.