ravthan / all-eyes

Automatically exported from code.google.com/p/all-eyes

calChecksumFilemon may have command injection in call to sha256sum #119

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
If the variable file_name contains a ";" in the string then you could trigger
commands to be run as the user doing the calculation.

I.e. file_name="test; /bin/rm -rf /" could have disastrous consequences.

Scott

Original issue reported on code.google.com by sck.no...@gmail.com on 26 Nov 2012 at 10:16

GoogleCodeExporter commented 8 years ago
The function calChecksumFilemon() is in file filemon.c. This function is called
only after opening a specific data file defined by symbolic name
CONFIGFILECHKSUM. The data file defined by CONFIGFILECHKSUM has the owner/group
of root/root and has the permission 0644 (only root can write to this file)
after installation in a production environment. There is no user input or user
manipulable part other than the root user. Therefore, the command injection
isn't exploitable. However, for safe coding, there should be checks built in to
prevent such problems.

Original comment by toddd...@gmail.com on 27 Nov 2012 at 4:02
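The kind of check the comment above asks for, as an added example that is not the all-eyes project's code: a hypothetical `safe_sha256sum()` that runs sha256sum through fork/execvp with an argv array instead of a shell command string, so a file name containing ";" stays one literal argument, plus a `checksum_demo()` self-check on a constructed temp file. It assumes a POSIX system with coreutils sha256sum on PATH.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical hardened replacement for calChecksumFilemon(): execvp with an
 * argv array means no /bin/sh ever parses file_name, so ';' is just a byte.
 * Stores the 64-hex-digit digest in out (out_len >= 65); 0 on success, -1 on error. */
int safe_sha256sum(const char *file_name, char *out, size_t out_len)
{
    int fds[2], status;
    if (out_len < 65 || pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                       /* child: stdout -> pipe, then exec */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]); close(fds[1]);
        char *const argv[] = { "sha256sum", "--", (char *)file_name, NULL };
        execvp(argv[0], argv);            /* "--" also stops a leading '-' being an option */
        _exit(127);
    }
    close(fds[1]);
    char buf[256]; size_t n = 0; ssize_t r;
    while (n < sizeof buf - 1 && (r = read(fds[0], buf + n, sizeof buf - 1 - n)) > 0) n += (size_t)r;
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0 || n < 64)
        return -1;
    memcpy(out, buf, 64); out[64] = '\0'; /* output is "<hex>  <name>\n"; keep the digest */
    return 0;
}

/* Self-check on a constructed temp file: the digest of "abc" must match the
 * known SHA-256, and a name carrying "; echo injected" must simply fail as a
 * nonexistent file instead of running a second command. Returns 1 if both hold. */
int checksum_demo(void)
{
    char path[] = "/tmp/all-eyes-demo-XXXXXX", digest[65], injected[128];
    int fd = mkstemp(path);
    if (fd < 0 || write(fd, "abc", 3) != 3) return 0;
    close(fd);
    int ok = safe_sha256sum(path, digest, sizeof digest) == 0 &&
             strcmp(digest, "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad") == 0;
    snprintf(injected, sizeof injected, "%s; echo injected", path);
    ok = ok && safe_sha256sum(injected, digest, sizeof digest) == -1;
    unlink(path);
    return ok;
}
```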

GoogleCodeExporter commented 8 years ago
The fix to this issue could be pulled from the changes for fix to issue #120.

Original comment by heyyoul...@gmail.com on 29 Nov 2012 at 11:22

GoogleCodeExporter commented 8 years ago
Fixed,
ravi.

r992

Original comment by ravt...@gmail.com on 30 Nov 2012 at 12:23

GoogleCodeExporter commented 8 years ago
Verified with unit testing

Original comment by tbrt....@gmail.com on 9 Dec 2012 at 9:24