Re: [bug-patch] [PATCH] do not validate target name when it is specified

From: Jim Meyering
Subject: Re: [bug-patch] [PATCH] do not validate target name when it is specified on the command line
Date: Mon, 14 Feb 2011 10:34:59 +0100

Andreas Gruenbacher wrote:

> On Monday 14 February 2011 10:16:12 Jim Meyering wrote:
>> I see what you mean, but invalid names seem important enough that I would
>> not want to be prompted -- not even with a warning -- about the patch
>> in question.
> On the other hand, immediately aborting when we see an invalid name (like in
> the current git) is also not appreciated?

When it comes to security, even low-risk things like this,
I think it pays to be extra careful, even if that ends up
causing minor inconvenience.

>> When being prompted, it is too easy to miss the preceding
>> warning among the already relatively verbose output.
> What harm does it do if the warning is overlooked?

With a prompt, it's too easy for the naive user to type in some variant
of the invalid file name.  Obviously neither you nor I would try
"../../f" when patch says that "../f" doesn't work, but for a beginner,
even ../../../etc/passwd might not raise an eyebrow.  Issuing the prompt
makes abuse via social engineering a tiny bit easier.
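An added example of the kind of check being argued about above (illustrative Python, not GNU patch's own code): it reads the "+++" file headers of a constructed unified diff, strips one leading path component the way -p1 would, and rejects absolute names and any ".." component outright, aborting on the first bad name instead of warning and prompting. The function names, the sample patch and the decision to validate every target before writing anything are assumptions of the example.

```python
"""Added example of conservative patch-target validation (abort, do not
prompt). Illustrative code, not GNU patch's implementation; the sample
patch below is constructed for the example."""
import re
from typing import List

# Constructed sample: the second file header tries to escape the
# working tree with ".." components.
SAMPLE_PATCH = """\
--- a/src/hello.c
+++ b/src/hello.c
@@ -1 +1 @@
-old
+new
--- a/../../../etc/passwd
+++ b/../../../etc/passwd
@@ -1 +1 @@
-root:x:0:0:root:/root:/bin/sh
+root:x:0:0:root:/root:/bin/sh
"""

# Simplification for the example: take the target from the "+++" line
# only and stop at the first whitespace (tab-separated timestamps follow
# the name in many diffs). Lines inside hunks are not distinguished.
HEADER_RE = re.compile(r"^\+\+\+ (\S+)")


class UnsafeTargetName(ValueError):
    """Raised for a target name that could write outside the tree."""


def strip_prefix(name: str, strip: int) -> str:
    """Drop `strip` leading components, like -pN (assumed semantics)."""
    return "/".join(name.split("/")[strip:])


def is_safe_target(name: str) -> bool:
    """Reject empty names, absolute paths and any '..' component.

    No normalisation is applied on purpose: 'a/../b' is rejected even
    though it normalises to 'b', because if 'a' is a symlink the '..'
    resolves somewhere else entirely. Empty components ('a//b') are
    rejected too, to keep the rule simple and conservative.
    """
    if not name or name.startswith("/"):
        return False
    return all(part not in ("", "..") for part in name.split("/"))


def targets(patch_text: str, strip: int = 1) -> List[str]:
    """Return the prefix-stripped '+++' target names in file order."""
    names = []
    for line in patch_text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            names.append(strip_prefix(m.group(1), strip))
    return names


def check_patch(patch_text: str, strip: int = 1) -> List[str]:
    """Validate every target before touching any file.

    The first invalid name aborts with an error that names it. There is
    deliberately no warning-then-prompt step: a prompt invites the user
    to type a traversal variant by hand, which is the failure mode the
    discussion above describes.
    """
    names = targets(patch_text, strip)
    for n in names:
        if not is_safe_target(n):
            raise UnsafeTargetName(
                f"refusing to patch {n!r}: name escapes the working tree")
    return names


if __name__ == "__main__":
    try:
        check_patch(SAMPLE_PATCH)
    except UnsafeTargetName as e:
        print("aborted:", e)
```

Checking all targets up front, before the first file is modified, also avoids leaving the tree half-patched when the bad header is not the first one, as in the sample.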
