#15387: Problem with path security check inside /tmp on OS X
---------------------------+-------------------------
Reporter: nbruin | Owner:
Type: defect | Status: new
Priority: major | Milestone: sage-5.13
Component: porting | Resolution:
Keywords: | Merged in:
Authors: | Reviewers:
Report Upstream: N/A | Work issues:
Branch: | Commit:
Dependencies: | Stopgaps:
---------------------------+-------------------------
Comment (by nbruin):
I can confirm that the exact script executed on OSX outside /tmp does seem
to work. Nonetheless, the original reporter of the problem (who is
scmancuso?) seems to have a problem outside /tmp. Could it be that the
group of his files, RESEARCH_GROUP, is not his primary group (gid), so
that the situation he is running into IS actually the same as popping up
here? For instance, on bsd:
{{{
$ mkdir U
$ chmod 770 U
$ umask 002
$ cd U
$ touch test.py
$ ../sage -t test.py
THIS WORKS
$ chgrp everyone . #this is a group I am a member of, but it's not my
primary gid
$ ../sage -t test.py
RuntimeError: refusing to run doctests from the current directory
'/scratch/nbruin/U' since untrusted users could put files in this
directory, making it unsafe to run Sage code from
}}}
Thus, I think we've finally nailed down what the problem is: when testing
which groups can write to the current director and whether that is a safe
group, it is not enough to just consider the primary group of the user.
One should at least consider some of the groups the user belongs to in
general as well. Since that might be useless (a directory that's writeable
by wheel is not really less secure than only an owner-writeable directory
anyway), I would propose to forget about testing what the relation between
the GID of the directory and the groups of the user completely. We don't
have enough information to determine which groups are "safe" and which are
not and the scenario of the original reporter shows that only considering
the GID of the user is too restrictive.
--
Ticket URL: <http://trac.sagemath.org/ticket/15387#comment:4>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/sage-trac.
For more options, visit https://groups.google.com/groups/opt_out.
