[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages

On Mon, 2008-08-25 at 14:17 +0400, Dmitry E. Oboukhov wrote:
> NW>>> An attacker would be insane to select this example as a
> NW>>> vehicle.
> NW>> 
> NW>> Attacker can use many ways (all variants from this list, for ex), one of
> NW>> its can work. Why you think that this variant is not work?
> NW> Because it is in the documentation, not the script. Didn't you read the
> NW> reply? It is not a route of attack, it is AN EXAMPLE in the
> NW> documentation!

> This script marked as executable.
> User can start its.

Dimtry, please read the replies I've already sent. This is embedded
documentation within an executable script. The documentation is stripped
from the script by the perl interpreter before compilation. This is a
standard method of combining documentation into perl scripts called POD
and it is not a security risk!!!

Think of POD as if it was /* foo */ in a C source file. It is excluded
from the compilation of the script by the perl interpreter, it is
available to perldoc and pod2man scripts to generate documentation. It
is NOT executable.

> if it is an example, please chmod a-x to it ;)

It is an example in POD documentation. POD documentation is included in
the script but it is NEVER executed.




Anything between the POD markers is NOT executable. There is absolutely
NO way that the user can execute the contents of a POD block without
copying and pasting to their own script.


Neil Williams

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: