system command and dummy fields
Dennis Malen
dmalen at malen.com
Mon May 19 07:13:41 PDT 2008
Suppose I include in processing what the values of ba and bc should be
limited to before the report runs. Does that solve the evil processing
concern?
If ba ne "msxpay" etc. ???
Dennis Malen
516.479.5912
----- Original Message -----
From: "Walter Vaughan" <wvaughan at steelerubber.com>
To: "filePro" <filepro-list at lists.celestial.com>
Sent: Monday, May 19, 2008 8:18 AM
Subject: Re: system command and dummy fields
> Fairlight wrote:
>
>>Y'all catch dis heeyah? Walter Vaughan been jivin' 'bout like:
>>
>>
>>>Also be aware that fields 7 and 8 are now vectors that can get you in
>>>trouble. If someone puts "; evil_command; " in one of those fields, they
>>>have full access to whatever filepro has as well. Delete, change records,
>>>logs, etc... at will
>>>
>>>You might want to strip those fields of semicolons for auditing purposes.
>>>
>>>
>>
>>Walter, you do enough web design that I'd have expected you to know that
>>semicolons aren't the only thing that can get you in trouble.
>>
>>
> It's early in the morning. Thanks for the rest of the explanation for
> Dennis.
>
> It's not that you expect users to do evil things. Evil things can happen
> when you least expect it.
> Crap falls on keyboards and all sort of weird things happen with
> unnatural data.
>
>>In fact, pipes are another huge vector. And pipes work on both *nix and
>>Windows...a fact that proved the big common arbitrary code execution
>>exploit in fPCGI 1.0 before I managed to convince them to close it.
>>Doesn't even matter if another part of the line errors--if the malicious
>>part is executed, you're screwed.
>>
>>Then there are grave quotes, which can also come anywhere within the
>>command on *nix, and also allow for easy injection.
>>
>>In general, -all- shell metacharacters should be stripped from
>>user-supplied segments of anything that will ever touch a command
>>interpreter. Actually, if your architecture requires user-supplied data
>>on the command line, the architecture should be better designed, as a
>>general rule of thumb.
>>
> Agreed.
>
> --
> wdv
> _______________________________________________
> Filepro-list mailing list
> Filepro-list at lists.celestial.com
> http://mailman.celestial.com/mailman/listinfo/filepro-list
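The three positions in the thread (reject semicolons only, compare the field against the known-good values before the report runs, and keep user data off the command line altogether) can be checked side by side. The following Python script is an added illustration and is not filePro code or anything posted in the thread; it stands in for the processing-table logic. The sample field values, the `ALLOWED_VALUES` set (only `msxpay` comes from the thread; `msxrecv` is a made-up second entry) and the program name `report` are all constructed assumptions.

```python
import re
import shlex

# Constructed sample values for a user-supplied field (fields 7 and 8 in the
# thread). The "evil" ones use only the metacharacters the thread names:
# semicolon, pipe and grave quotes.
SAMPLE_FIELDS = [
    "msxpay",                    # a legitimate value
    "msxpay; evil_command;",     # Walter's semicolon case
    "msxpay | evil_command",     # Fairlight's pipe case
    "msxpay `evil_command`",     # Fairlight's grave-quote case
    "msx pay",                   # "unnatural data": stray whitespace
]

# Hypothetical allowlist: every value the field is ever expected to hold.
# "msxpay" is from the thread; "msxrecv" is an assumed second entry.
ALLOWED_VALUES = {"msxpay", "msxrecv"}

# Characters that mean something to a POSIX shell (or split a command line
# into words). Whitespace is included because it changes argument boundaries.
SHELL_META = re.compile(r"[;&|`$()<>\"'\\\s*?\[\]{}~#!]")


def rejects_only_semicolons(value: str) -> bool:
    """Walter's first suggestion: refuse values containing a semicolon.
    Returns True when the value would be accepted by that rule."""
    return ";" not in value


def is_allowlisted(value: str) -> bool:
    """Dennis's approach: accept only values from a fixed known-good set."""
    return value in ALLOWED_VALUES


def has_shell_metachars(value: str) -> bool:
    """Fairlight's rule: any shell metacharacter in a user-supplied
    segment of a command line is a problem, not just semicolons."""
    return SHELL_META.search(value) is not None


def build_argv(program: str, *user_fields: str) -> list:
    """Build an argument vector so the user data is passed as discrete
    arguments and never interpreted by a shell. Refuses any field that
    is not allowlisted, so a bad value stops the report instead of
    reaching a command interpreter."""
    for field in user_fields:
        if not is_allowlisted(field):
            raise ValueError(f"field value not permitted: {field!r}")
    return [program, *user_fields]


def render_for_shell(argv: list) -> str:
    """If a single shell command line is unavoidable, quote every element
    so metacharacters in it are treated as literal text."""
    return " ".join(shlex.quote(arg) for arg in argv)


def classify(value: str) -> dict:
    """Summarise how each rule treats one field value."""
    return {
        "passes_semicolon_check": rejects_only_semicolons(value),
        "allowlisted": is_allowlisted(value),
        "has_metachars": has_shell_metachars(value),
    }


if __name__ == "__main__":
    for sample in SAMPLE_FIELDS:
        print(f"{sample!r:32} {classify(sample)}")
```

Running it shows that the pipe and grave-quote samples sail through the semicolon-only check, while only the plain `msxpay` value survives both the allowlist and the metacharacter test; `build_argv` is the shape of the redesign Fairlight recommends, since an argument vector never passes through a command interpreter at all.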