Re: [Bug-wget] Wget - acess list bypass / race condition PoC
From: Giuseppe Scrivano
Subject: Re: [Bug-wget] Wget - acess list bypass / race condition PoC
Date: Thu, 18 Aug 2016 15:34:12 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
Hi,
Tim Rühsen <address@hidden> writes:
> Please review / test this patch.
>
> Please check the 'Reported-by' in the commit message and if you got a CVE
> number, please report for inclusion into the commit message (and/or the code).
>
> Regards, Tim
>
> On Mittwoch, 17. August 2016 10:40:35 CEST Dawid Golunski wrote:
>> Random file name + .part extension on temporary files would already be
>> good improvement (even if still stored within the same directory) and
>> help prevent the exploitation.
I still think we should use a fixed extension, not a random file name.
If wget crashes or the process is terminated for any reason, these files
will be left around. With a deterministic name, at least we can recover
from what was left.

IMO, it is enough to open these files with rw only for the user and not
add any extra complexity. It is not wget's responsibility to take care of
a misconfigured server that allows executing random files fetched from
http/ftp.
Regards,
Giuseppe
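
The approach suggested in this message, a fixed `.part` extension with the file opened read/write for the owner only, could look like the following in C. This is an added example, not code from the wget patch under review or from any poster in the thread; `open_part_file` and `mode_bits` are hypothetical names, and the symlink refusal and the ownership check on a leftover file are assumptions that go beyond what the message states.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: open "<final_name>.part" readable and writable by the
   owner only. The name is written to part_name. Returns an fd, -1 on error. */
int open_part_file(const char *final_name, char *part_name, size_t len)
{
    struct stat st;
    int fd;
    int n = snprintf(part_name, len, "%s.part", final_name);

    if (n < 0 || (size_t)n >= len)
        return -1;                      /* name would be truncated */

    /* O_NOFOLLOW refuses a symlink sitting at the deterministic name.
       The 0600 mode argument only applies if the file is created here. */
    fd = open(part_name, O_RDWR | O_CREAT | O_NOFOLLOW, S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;

    /* A leftover from an interrupted run may already exist. Accept it only
       if it is a regular file we own, and tighten its mode to 0600 so that
       an earlier, looser mode does not survive. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)
        || st.st_uid != geteuid()
        || fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Permission bits of a path (symlinks not followed), or -1 on error. */
int mode_bits(const char *path)
{
    struct stat st;
    return lstat(path, &st) == 0 ? (int)(st.st_mode & 07777) : -1;
}
```

Once the download completes, the caller would set the intended final permissions and `rename()` the `.part` file to its final name.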