I tried a wireless-key containing a semicolon and a command. The command gets executed.
There's probably no security implications in this, since you already have to have elevated rights to be able to edit /etc/network/interfaces. Someone who's able to should mark this as a security problem, so that someone more knowledgeable than me looks into it. "Proof" follows (note the /x.x file): [EMAIL PROTECTED]:/# ls bin dev initrd lib mnt root sys var boot etc initrd.img lost+found opt sbin tmp vmlinuz cdrom home initrd.img.old media proc srv usr vmlinuz.old [EMAIL PROTECTED]:/# grep wireless-key /etc/network/interfaces wireless-key abcd; touch /x.x [EMAIL PROTECTED]:/# ifup wlan0 Internet Systems Consortium DHCP Client V3.0.3 Copyright 2004-2005 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/products/DHCP Listening on LPF/wlan0/xx:xx:xx:xx:xx:xx Sending on LPF/wlan0/xx:xx:xx:xx:xx:xx Sending on Socket/fallback [EMAIL PROTECTED]:/# [EMAIL PROTECTED]:/# ls bin dev initrd lib mnt root sys var x.x boot etc initrd.img lost+found opt sbin tmp vmlinuz cdrom home initrd.img.old media proc srv usr vmlinuz.old [EMAIL PROTECTED]:/# -- wireless-key from /etc/network/interfaces not escaped https://launchpad.net/bugs/50386 -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
