[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Re: who owns what

From: Bela Lubkin
Subject: Re: lynx-dev Re: who owns what
Date: Sun, 11 Oct 1998 04:18:04 -0700

Tom Dickey replied to me:

> > Meanwhile, I do agree with the notion that if a file is in (or below) 
> > your home directory, Lynx should trust it.  I say that because, if your 
> > home directory is untrustworthy (e.g. if it has permissions that allow 
> > anyone to write files into it), there are endless ways to attack you. 
> > Lynx can't help you.  It's like locking the door of a car when the 
> > window is rolled down. 
> it's still the same problem - someone's asserted it's the $HOME, which may
> not be reliable.  it should be subject to the same checks as other files.

Disagree.  If the user is running with $HOME set to something other than
his real home directory, then either he *means* to be doing it and
trusts that directory (e.g. you're surely going to *read* .lynxrc from
there); or, otherwise, he's already so screwed that Lynx can't help him.
Someone managed to set $HOME in this poor sap's environment, what can
Lynx do to protect him from all the other programs that will kill him?

You're confusing this with a case of someone trying to use a program
(probably a setuid program) to break into a system.  Here we're trying
to protect the *user* of the program from malicious external
redirection; not protect the *system* from the *user*.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]