URL: https://github.com/freeipa/freeipa/pull/204
Title: #204: ipautil.run: Remove hardcoded environ PATH value
mbasti-rh commented:
"""
Closing this PR, how to handle environment variables must be discussed and
designed first.
"""
rcritten commented:
"""
+1 on using absolute paths.
I don't recall any cases where KRB5_TRACE was needed so is this a theoretical
use case or an actual one?
Yes, LD_PRELOAD or
mbasti-rh commented:
"""
https://fedorahosted.org/freeipa/ticket/6449
"""
pspacek commented:
"""
The approach with wiping env adds another layer of problems, e.g. inability to
use `KRB5_TRACE` environment variable for debugging etc.
IMHO we should use
rcritten commented:
"""
This isn't about replacing existing binaries, it's about putting binaries into
unexpected places that are in the default PATH (e.g. ~/bin or /usr/local/bin).
mbasti-rh commented:
"""
> PATH is untrustworthy because there is no knowing what is in it, or the
> order. It could easily have /usr/local/bin first and some rogue version of a
>
rcritten commented:
"""
PATH is untrustworthy because there is no knowing what is in it, or the order.
It could easily have /usr/local/bin first and some rogue version of a program
mbasti-rh commented:
"""
Can you elaborate more about that attack? Do you have any links to share?
If an attacker has permission to set a user's environment variables, IMO the user
has
rcritten commented:
"""
NACK. I'd be fine with changing the PATH to remove cruft but the primary
purpose is to prevent an attacker from providing their own PATH with unknown
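
Added example, not part of the thread and not FreeIPA's `ipautil.run`: one way to combine the positions discussed above, with a fixed PATH, absolute command paths, no inherited loader variables such as LD_PRELOAD, and `KRB5_TRACE` passed through only on request. The names `TRUSTED_PATH`, `build_child_env` and `run_trusted`, the PATH value and the allowlists are assumptions made for this sketch.

```python
import os
import subprocess

# Assumed values for this sketch; not FreeIPA's actual configuration.
TRUSTED_PATH = "/usr/sbin:/usr/bin:/sbin:/bin"
ALWAYS_PASS = frozenset({"LANG", "LC_ALL", "KRB5CCNAME"})
DEBUG_PASS = frozenset({"KRB5_TRACE"})      # copied only when debug=True
REFUSED_PREFIXES = ("LD_",)                 # LD_PRELOAD, LD_LIBRARY_PATH, ...


def build_child_env(parent_env, extra=None, debug=False):
    """Build a minimal child environment from an allowlist.

    Nothing is inherited unless allowlisted, PATH is always the fixed
    TRUSTED_PATH, and loader variables are refused even when the caller
    passes them explicitly in `extra`.
    """
    allowed = ALWAYS_PASS | DEBUG_PASS if debug else ALWAYS_PASS
    env = {k: v for k, v in parent_env.items() if k in allowed}
    for key, value in (extra or {}).items():
        if key == "PATH" or key.startswith(REFUSED_PREFIXES):
            raise ValueError("refusing to set %s for a child process" % key)
        env[key] = value
    env["PATH"] = TRUSTED_PATH
    return env


def run_trusted(argv, parent_env=None, extra=None, debug=False):
    """Run argv with the minimal environment; argv[0] must be absolute,
    so the binary that runs never depends on a PATH search."""
    if not os.path.isabs(argv[0]):
        raise ValueError("command must be an absolute path: %r" % (argv[0],))
    source = os.environ if parent_env is None else parent_env
    env = build_child_env(source, extra, debug)
    return subprocess.run(argv, env=env, stdout=subprocess.PIPE,
                          stderr=subprocess.PIPE, check=False)


if __name__ == "__main__":
    # Constructed parent environment, not taken from a real system.
    parent = {"PATH": "/usr/local/bin:/home/user/bin:/usr/bin",
              "LD_PRELOAD": "/tmp/x.so", "KRB5_TRACE": "/dev/stderr",
              "LANG": "C"}
    print(build_child_env(parent))
    print(build_child_env(parent, debug=True))
```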