[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Re: who owns what
From: |
Bela Lubkin |
Subject: |
Re: lynx-dev Re: who owns what |
Date: |
Sun, 11 Oct 1998 04:18:04 -0700 |
Tom Dickey replied to me:
> > Meanwhile, I do agree with the notion that if a file is in (or below)
> > your home directory, Lynx should trust it. I say that because, if your
> > home directory is untrustworthy (e.g. if it has permissions that allow
> > anyone to write files into it), there are endless ways to attack you.
> > Lynx can't help you. It's like locking the door of a car when the
> > window is rolled down.
>
> it's still the same problem - someone's asserted it's the $HOME, which may
> not be reliable. it should be subject to the same checks as other files.
Disagree. If the user is running with $HOME set to something other than
his real home directory, then either he *means* to be doing it and
trusts that directory (e.g. you're surely going to *read* .lynxrc from
there); or, otherwise, he's already so screwed that Lynx can't help him.
Someone managed to set $HOME in this poor sap's environment, what can
Lynx do to protect him from all the other programs that will kill him?
You're confusing this with a case of someone trying to use a program
(probably a setuid program) to break into a system. Here we're trying
to protect the *user* of the program from malicious external
redirection; not protect the *system* from the *user*.
>Bela<
- Re: lynx-dev Re: who owns what, (continued)
Re: lynx-dev Re: who owns what, David Combs, 1998/10/10
Re: lynx-dev Re: who owns what, Bela Lubkin, 1998/10/11
Re: lynx-dev Re: who owns what, Bela Lubkin, 1998/10/11
Re: lynx-dev Re: who owns what, dickey, 1998/10/11
Re: lynx-dev Re: who owns what, dickey, 1998/10/11
Re: lynx-dev Re: who owns what,
Bela Lubkin <=