http://d.puremagic.com/issues/show_bug.cgi?id=11365
Vladimir Panteleev <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #1 from Vladimir Panteleev <[email protected]> 2013-10-27 01:04:00 EEST ---
I should note that "auto-correcting" file names has security implications.

Let's suppose that there exists an upload script file, written in D, called
"upload", in the root of a web server's public directory. The upload script
goes like this:

    #!rdmd
    (code follows)

The upload script allows users to upload files with any name to the same
directory. Naturally, for security reasons, none of the uploaded files can be
executable, and it's not possible to overwrite the upload script by uploading
a file with the same name.

Now, what happens if someone uploads a file called "upload.d"?

The webserver runs "upload", which runs "rdmd upload", which runs "dmd upload",
which compiles the file "upload.d", and not "upload". The uploader successfully
got their code running on the server.

Possible solutions:

1) deprecate then remove all name auto-correction features from dmd and rdmd
2) forbid compilation if an ambiguity exists due to name auto-correction
   (although now this turns from an RCE vulnerability into a DOS vulnerability)
3) remove auto-correction features from rdmd; make rdmd pass a flag to dmd that
   disables name auto-correction

---------------------------------------------------

Another problem with this suggestion:

    echo 'void main(){}' > foo.d
    dmd foo
    rm foo.d
    dmd foo

dmd will now try to parse a compiled binary file as an executable.
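
The ambiguity described in the comment above, as an added example that is not part of the original bug report or of dmd/rdmd: a Python audit that flags an rdmd script with a sibling "<name>.d", plus an upload-name check that refuses such a name before it is written. The function names, the shebang test and the constructed web root are assumptions made for this illustration.

```python
import os
import tempfile

SOURCE_EXT = ".d"  # the extension the comment says is tried for "dmd upload"

def is_rdmd_script(path):
    """True if the file's first line is a shebang that mentions rdmd."""
    try:
        with open(path, "rb") as fh:
            first = fh.readline(256)
    except OSError:
        return False
    return first.startswith(b"#!") and b"rdmd" in first

def shadowed_scripts(directory):
    """List (script, shadow) pairs: an rdmd script plus a sibling <script>.d."""
    pairs = []
    for name in sorted(os.listdir(directory)):
        script = os.path.join(directory, name)
        if os.path.isfile(script) and is_rdmd_script(script) and os.path.isfile(script + SOURCE_EXT):
            pairs.append((name, name + SOURCE_EXT))
    return pairs

def upload_name_allowed(directory, filename):
    """Reject names that overwrite a file or would shadow one via <name>.d."""
    if filename != os.path.basename(filename) or filename in ("", ".", ".."):
        return False  # no path components in an upload name
    if os.path.exists(os.path.join(directory, filename)):
        return False  # same-name overwrite, which the upload script already forbids
    stem, ext = os.path.splitext(filename)
    if ext.lower() == SOURCE_EXT and os.path.exists(os.path.join(directory, stem)):
        return False  # "upload.d" next to "upload"; lower() is conservative for case-insensitive file systems
    return True

def demo():
    """Build a constructed web root and return the results of both checks."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "upload"), "w") as fh:
            fh.write("#!rdmd\nvoid main(){}\n")
        before = upload_name_allowed(root, "upload.d")
        ok = upload_name_allowed(root, "photo.jpg")
        open(os.path.join(root, "upload.d"), "w").close()  # simulate the file landing anyway
        return before, ok, shadowed_scripts(root)

if __name__ == "__main__":
    print(demo())
```

Rejecting the name at upload time avoids both outcomes listed under solution 2: the shadowing file never exists, so the compiler has no ambiguity to refuse.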
