Pawel Worach wrote on Fri, Dec 30, 2005 at 03:27:46AM +0100: > Sean Bryant wrote: > > Barney Wolff wrote: > > > >> On Thu, Dec 29, 2005 at 07:33:38PM -0500, Martin Cracauer wrote: > >> > >> > >>> I'm a bit rusty, so please point me to style mistakes in the appended > >>> diff. > >>> The following diff implements a "-O" option to fetch(1), which, when > >>> set, will make fetch use a local filename supplied by the server in a > >>> Content-Disposition header. > >>> > >> > >> Have you considered the security implications of this option? > >> > >> > >> > > Its just an extra option. I'm sure the details could be summed up in the > > man page. > > I think what Barney means is that if you run fetch(1) as root and the > server returns the filename as "/sbin/init" bad things will happen. > The data returned in Content-Disposition should be used with caution. First, the option of off by default, only when you say "-O" it will be considered. The security implications are about the same as for the base functionality. Any filename in the current directory can be wiped out if you fetch or wget and a URL redirects to another URL which leads to a filename that matches. The default behavior already *is* that the sending server has control over your local naming. I will forbit "/" to appear in the suggested filename, though. Martin -- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Martin Cracauer <cracauer_at_cons.org> http://www.cons.org/cracauer/ FreeBSD - where you want to go, today. http://www.freebsd.org/Received on Fri Dec 30 2005 - 02:04:09 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:49 UTC