Sophrinix / TryRuby

Try Ruby is an interactive shell that quickly and whimsically teaches the Ruby programming language. Originally _why's idea, it has been recreated from the ground up by Rubyists who have a passion for Ruby and for teaching their fellow (wo)man how to program.
tryruby.org

security error: I can execute anything I want! #14

Closed ghost closed 14 years ago

ghost commented 14 years ago

A big security error: somehow popup.rb lets you execute anything you want. I just read /etc/passwd on the tryruby.sophrinix.com server accidentally. If you open a new tryruby session and run:

    require 'popup'
    %x(cat /etc/passwd)

it will give you the file. Creepy. IMPORTANT!!

Sophrinix commented 14 years ago

I disabled popup on production immediately! Looking into a fix right NOW!

Sophrinix commented 14 years ago

It appears that it is required that you require popup.rb in order to be ownable. However, simply disabling require is lame, because what's to stop someone from just typing the contents of popup.rb in and then executing %x.
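An added example, written for this page and not TryRuby's own code nor the fix that later landed in nanothief's repo, to make Sophrinix's point concrete from the defender's side. In Ruby, `%x(...)` and backticks compile to a call to `Kernel#``, and `system`, `exec` and `spawn` are plain `Kernel` methods, so an evaluator whose `self` is an ordinary `Object` still exposes shell execution no matter what happens to `require`. The two sandbox classes and the `exposed_shell_primitives` probe are hypothetical names chosen for this example; the probe calls each primitive with no arguments, which makes `Kernel` raise `ArgumentError` before anything runs, so it reports reachability without executing a command.

```ruby
# Added example (hypothetical sandboxes, not TryRuby's code). Shows why hiding
# `require` alone does not remove shell execution from an eval-based REPL.

# Kernel methods that reach a shell; %x(...) and backticks resolve to :`.
SHELL_PRIMITIVES = [:`, :system, :exec, :spawn].freeze

# Naive sandbox: evaluates untrusted code with an ordinary Object as self and
# hides only `require` on that object's singleton class.
class RequireOnlySandbox
  def initialize
    @scope = Object.new
    @scope.singleton_class.send(:undef_method, :require)
  end

  def run(code)
    @scope.instance_eval(code)
  end
end

# Clean-room sandbox: evaluates with a BasicObject as self. BasicObject does
# not include Kernel, so no shell primitive resolves through self. This is a
# mitigation for the specific hole, not a security boundary: process- or
# container-level isolation is still needed for untrusted code.
class CleanRoomSandbox
  def initialize
    @scope = BasicObject.new
  end

  def run(code)
    @scope.instance_eval(code)
  end
end

# Probe each primitive by calling it with no arguments via __send__ (which
# BasicObject also provides). Kernel rejects the missing arguments with
# ArgumentError before running anything, so:
#   ArgumentError  -> the primitive is reachable from sandboxed code
#   NoMethodError  -> the primitive is blocked
# Nothing is executed by the probe itself.
def exposed_shell_primitives(sandbox)
  SHELL_PRIMITIVES.select do |name|
    begin
      sandbox.run("__send__(:#{name})")
      true # only if a zero-argument call somehow succeeded
    rescue ::ArgumentError
      true
    rescue ::NoMethodError
      false
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "require-only sandbox exposes: #{exposed_shell_primitives(RequireOnlySandbox.new).inspect}"
  puts "clean-room sandbox exposes:   #{exposed_shell_primitives(CleanRoomSandbox.new).inspect}"
end
```

Running the probe against the require-only sandbox reports all four primitives as reachable even though `require` itself is gone, which is exactly the gap described in the comment above; the BasicObject clean room reports none.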

Sophrinix commented 14 years ago

This was resolved in nanothief's repo. I did a pull, tested it, and it's now fixed in my repo.

ghost commented 14 years ago

When I look at both of your TryRuby pages (like http://github.com/Sophrinix/TryRuby/), it says that you have not edited the code for two days. Am I using github wrong?