hook security

From: David Glasser <glasser_at_davidglasser.net>
Date: 2007-11-07 20:23:08 CET

Do you think it's worth adding explicit notes to the comments in the
hook templates the fact that the argument values should always be
"$QUOTED" in the hook script?

This is especially the case for the PROPNAME arguments to the revprop
change scripts, which are essentially passed through blindly from the
client. (There is a *client-side* validity check, which is
irrelevant, and a check that it isn't an svn:wc: or svn:entry: prop;
and perhaps mod_dav_svn imposes other restrictions that I'm not
familiar with, but at least with svnserve a custom RA-driving client
could totally set the "foo; rm -rf /;" property.

--dave

-- 
David Glasser | glasser_at_davidglasser.net | http://www.davidglasser.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Wed Nov 7 20:24:00 2007

This message: [ Message body ]
Next message: Blair Zajac: "Can svn_fs_copy() copy from txn nodes in the same txn?"
Previous message: David Glasser: "Re: svn commit: r27613 - in branches/issue-2991-dev/subversion: include include/private libsvn_ra_local libsvn_ra_neon libsvn_ra_serf libsvn_ra_svn libsvn_repos mod_dav_svn svnserve tests/cmdline"
Next in thread: Blair Zajac: "Re: hook security"
Reply: Blair Zajac: "Re: hook security"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]