On Thu, Apr 01, 2010 at 09:11:04AM +0200, Daniel Stenberg wrote:
> On Thu, 1 Apr 2010, Camille Moncelier wrote:
>
> > You could set up some _evil_ openssl engine and set init = 1 so openssl
> > tries to initialize it automatically and TADA. (Bonus points if the
> > application is setuid root) :-)
>
> Assuming an app wants to support custom crypto engines as Petr Pisar enabled
> with his patch, and assuming the app runs as setuid root: how can the app
> limit what evilness a user can trick it into doing?
>
Unset OPENSSL_CNF. The same applies to NSS, as a user could supply a custom NSS
database (which can load PKCS#11 engines too).

In the case of OpenSSL, this forces the user to use the system-wide
configuration, which is under the sole control of the superuser.

-- Petr
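The defensive step recommended above, as an added example that is not code from the thread or from curl: a setuid-aware scrub of the environment variables through which an unprivileged caller could redirect crypto-library configuration, to be run before the library initializes. OpenSSL reads its configuration path from OPENSSL_CONF; the variable list and function names are this example's own assumptions.

```c
#include <stdlib.h>
#include <unistd.h>

/* Environment variables that let the caller redirect OpenSSL's configuration
 * and thereby choose which engines get loaded at init. OPENSSL_CONF is the
 * variable OpenSSL itself consults; the list is an assumption of this example
 * and can be extended with whatever the application's backend honours. */
static const char *const untrusted_crypto_env[] = { "OPENSSL_CONF", NULL };

/* A process whose effective ids differ from its real ids (setuid/setgid)
 * inherited its environment from a less privileged user and must not trust it. */
int env_is_untrusted(void)
{
    return geteuid() != getuid() || getegid() != getgid();
}

/* Remove every listed variable; returns how many were actually present, so a
 * caller can log that someone tried to steer the configuration. */
int scrub_crypto_env(const char *const *vars)
{
    int removed = 0;
    for (; *vars != NULL; vars++) {
        if (getenv(*vars) != NULL) {
            unsetenv(*vars);
            removed++;
        }
    }
    return removed;
}

/* Call this before OPENSSL_config()/OPENSSL_init_ssl() or NSS_Init(): with the
 * variables gone, OpenSSL falls back to the compiled-in system-wide openssl.cnf,
 * which only root can edit. Returns 1 if scrubbing was performed. */
int prepare_crypto_env(int force)
{
    if (!force && !env_is_untrusted())
        return 0;
    scrub_crypto_env(untrusted_crypto_env);
    return 1;
}
```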
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
