On Thu, 4 May 2000, Noel L Yap wrote:
> It just occurred to me that such a feature could (depending on how the script is
> written, its permissions, and any number of other factors) be a security hole if
> users who only had checkout privileges were able to execute the script.
>
In principle I agree with you that a badly designed script could be a problem.
This would be the responsibility of anyone that adds a script to "checkoutinfo"
to make sure it's secure and robust.
But, it does seem somewhat unlikely that a script could cause security problems
since the script only gets the information passed to it from CVS internally.
I suppose things like bufferoverflows and such could happen. And of course
depending on what the script does some tricky logic could expose things that
shouldn't be seen. Personally I would think if you were aware of these
types of problems you could program around it. I don't think this would be a
bigger security hole than CGI programs for example...
Is there anything else you were thinking of that I missed?
Erik Kluzek, (CGD at NCAR)
National Center for Atmospheric Research
Boulder CO, (off) (303)497-1326 (fax) (303)497-1324
--------- Home page and public PGP key---------------
http://www.cgd.ucar.edu/~erik
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
