
Re: modules execution behavior


From: Mark D. Baushke
Subject: Re: modules execution behavior
Date: Fri, 20 May 2005 15:19:11 -0700


Joe Hetrick <address@hidden> writes:

> I searched the archives and came up short, so..
> 
> I noticed something odd when moving between CVS < 1.11.5 > 1.11.5.
> 
> -i commands specified in the modules file are no longer executed.

Correct.

> Could this be due to a change in behavior, or a misconfiguration?

It was a security fix for cvs 1.11.6.

> Moving between 1.10 or 1.11.5 or 1.11.17,18,20 shows the behavior.
> 
> Below 1.11.5, my -i module commands are executed, with 17, 18, 20,
> they are not.

Correct.

> Here is a snippet from my modules file:
> 
>      raddb -i /home/cvs/cvsroot/cvs_bin/notify-radius.sh raddb
> 
> Additionally, something I noticed is that "broken" behavior has no
> Checkin.prog specified in CVS/ of the repository.
> 
> What have I missed?

The NEWS file tells you

|Changes from 1.11.5 to 1.11.6:
|
|...
|
|* The Checkin.prog and Update.prog functionality has been removed.  This
|functionality previously allowed executables to be specified in the modules file
|to be run at update and checkin time, but users could edit these files on a per
|workspace basis, creating a security hole.

src/ChangeLog entry:

|2003-04-28  Derek Price  <address@hidden>
|
|       * client.c (save_prog): Remove unneeded struct.
|       (checkin_progs, update_progs): Remove these unneeded globals.
|       (handle_set_checkin_prog, handle_set_update_prog, do_deferred_progs):
|       Remove these functions.
|       (send_repository): Remove checkin and update prog support.
|       (responses): Remove Set-checkin-prog and Set-update-prog.
|       (get_responses_and_close): Don't call do_deferred_prog().
|       * commit.c (commit_usage): Remove reference to -n.
|       (commit): Don't set and send run_module_prog via -n.  Don't run
|       Checkin.prog or Checkout.prog in local mode.
|       * modules.c (CVSMODULE_OPTS): Remove -i and -u.
|       (do_module): Don't process -i and -u options to set checkin and update
|       progs, respectively.
|       * server.c (server_prog, serve_checkin_prog, server_update_prog):
|       Remove unused functions.
|       (requests): Remove Checkin-prog and Update-prog.
|       * update.c (update_dirleave_proc): Remove update prog functionality.
|
|       * cvs.h (CVSADM_CIPROG, CVSADM_UPROG): Remove unneeded defines.
|       * server.h (server_prog): Remove proto.
|       (progs): Remove enum.
|
|       * sanity.sh (modules5): Remove tests for checkin and update programs.

The basic problem is that a hostile user could cause malicious code to
be committed to the cvs repository that other users would end up running
without recourse during either a 'cvs checkout' or a 'cvs update'.

        Enjoy!
        -- Mark
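As an added example (not part of the thread above, and not CVS project code), here is a small audit script a repository administrator can run to find the two things this thread discusses: `-i` / `-u` entries in a `CVSROOT/modules` file that a CVS older than 1.11.6 would still honour, and `CVS/Checkin.prog` or `CVS/Update.prog` files sitting in a working copy, which is the per-workspace file a user could edit to get a program run on other users' machines. The sample modules text is constructed for this example (the `raddb` line is the one quoted in the thread); the set of options assumed to take an argument (`-d -e -i -o -s -t -u`) is taken from the cvs(5) modules file format and is an assumption of this script rather than something the thread states.

```python
import os
import shutil
import tempfile

# Modules-file options that name a program CVS < 1.11.6 would execute in
# every user's workspace (removed in 1.11.6, see the NEWS excerpt above).
PROG_OPTIONS = {
    "-i": "checkin program (written to CVS/Checkin.prog)",
    "-u": "update program (written to CVS/Update.prog)",
}
# Assumption: options in the modules file that consume a following argument.
ARG_OPTIONS = {"-d", "-e", "-i", "-o", "-s", "-t", "-u"}
# Per-workspace files the old versions consulted at commit / update time.
HOOK_FILES = ("Checkin.prog", "Update.prog")

# Constructed sample; only the raddb line comes from the thread.
SAMPLE_MODULES = """\
# CVSROOT/modules (constructed sample)
CVSROOT  CVSROOT
raddb -i /home/cvs/cvsroot/cvs_bin/notify-radius.sh raddb
www -d htdocs \\
    www/htdocs
tools -u /home/cvs/cvsroot/cvs_bin/refresh.sh \\
      -s stable tools
"""


def logical_lines(text):
    """Strip '#' comments and join backslash-continued lines into one entry each."""
    out, buf = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            out.append(buf.strip())
        buf = ""
    if buf.strip():
        out.append(buf.strip())
    return out


def find_module_hooks(text):
    """Return every module entry that uses -i or -u, with the program it names."""
    findings = []
    for entry in logical_lines(text):
        tokens = entry.split()
        name, opts = tokens[0], tokens[1:]
        i = 0
        while i < len(opts) and opts[i].startswith("-"):
            opt = opts[i]
            if opt in PROG_OPTIONS:
                program = opts[i + 1] if i + 1 < len(opts) else ""
                findings.append({"module": name, "option": opt,
                                 "program": program, "meaning": PROG_OPTIONS[opt]})
            i += 2 if opt in ARG_OPTIONS else 1
    return findings


def find_workspace_hooks(root):
    """Walk a checkout and list any CVS/Checkin.prog or CVS/Update.prog files."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if os.path.basename(dirpath) == "CVS":
            hits.extend(os.path.join(dirpath, f) for f in filenames if f in HOOK_FILES)
    return sorted(hits)


def demo_workspace():
    """Build a throwaway constructed checkout containing one hook file and scan it."""
    root = tempfile.mkdtemp(prefix="cvs-audit-")
    admin = os.path.join(root, "raddb", "CVS")
    os.makedirs(admin)
    with open(os.path.join(admin, "Checkin.prog"), "w") as fh:
        fh.write("/home/cvs/cvsroot/cvs_bin/notify-radius.sh\n")
    hits = [os.path.relpath(h, root).replace(os.sep, "/") for h in find_workspace_hooks(root)]
    shutil.rmtree(root)
    return hits


if __name__ == "__main__":
    for hit in find_module_hooks(SAMPLE_MODULES):
        print(f"modules: {hit['module']} {hit['option']} {hit['program']}  <- {hit['meaning']}")
    for path in demo_workspace():
        print(f"workspace hook file: {path}")
```

Run against a real repository, point `find_module_hooks` at the contents of `CVSROOT/modules` and `find_workspace_hooks` at a checkout directory; any hit on a server that still runs a pre-1.11.6 client or server is worth removing, since the same effect is better obtained from the server-side `commitinfo` / `loginfo` scripts, which only the repository administrator controls.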



