Re: filename ... has invalid characters
2006-06-12 15:25:09
Hi Toralf,
First off, I rather like your approach to configuration files.
A little research shows that the explicit test was introduced to plug
a security hole reported by PERL... See BUG #1353481 for more information.
I'm piping in here, and expanding the audience to include amanda_hackers,
since the change seems to impact my work on allowing spaces in file names.
(Currently checked into sourceforge 2.5.1 branch.)
The current check is a little too strict and will strip out spaces and control
characters, all of which are valid according to POSIX rules.
(POSIX allows any character except '/' or NULL.)
I'm proposing an alternate solution to our mutual problems:
Sanitize file name by simply rejecting any '..' path component
in a configuration name.
This should allow any arbitrary character in the configuration name
and prevent any attempts to use a configuration outside of the
amanda configuration directory.
Toralf: will this work for you?
Hackers: will this pass security muster?
Regards,
John
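The '..'-component check John proposes, written out as an added example in C (this is not Amanda's own code; the function names and the /etc/amanda confdir are assumed for illustration):

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical checker, not Amanda's code: a config name is accepted only
 * if it cannot escape the configuration directory.  Rejected: empty names,
 * absolute names (leading '/'), empty components ("a//b") and any ".."
 * component.  Every other byte, spaces included, is allowed, as POSIX
 * permits.  A C string cannot carry NUL, so that case needs no check. */
bool config_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0' || name[0] == '/')
        return false;

    const char *p = name;
    while (*p != '\0') {
        size_t len = strcspn(p, "/");   /* length of the current component */
        if (len == 0)
            return false;               /* "a//b": empty component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;               /* ".." could leave the config dir */
        p += len;
        if (*p == '/')
            p++;
    }
    return true;
}

/* Build "<confdir>/<name>/amanda.conf" into buf.  Returns false when the
 * name is unsafe or the result does not fit.  Note: this guards only the
 * name itself; symlinks inside confdir are a separate concern. */
bool config_path(const char *confdir, const char *name, char *buf, size_t bufsz)
{
    if (!config_name_is_safe(name))
        return false;
    int n = snprintf(buf, bufsz, "%s/%s/amanda.conf", confdir, name);
    return n > 0 && (size_t)n < bufsz;
}

int main(void)
{
    const char *names[] = { "ks/archive", "nightly set", "../../etc", "/etc/passwd", "" };
    char path[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-12s -> %s\n", names[i],
               config_path("/etc/amanda", names[i], path, sizeof path) ? path : "rejected");
    return 0;
}
```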
----- Original Message -----
From: "Toralf Lund" <toralf AT procaptura DOT com>
To: "Amanda Mailing List" <amanda-users AT amanda DOT org>
Sent: Monday, June 12, 2006 2:35 AM
Subject: filename ... has invalid characters
I'm now testing amanda 2.5.0p2. First problem:
# amstatus ks/archive
filename 'ks/archive' has invalid characters.
I suppose the problem here is that I specified a filename containing
"/", but I actually did this on purpose, and it has always worked in the
past. I'm using multiple directory levels under /etc/amanda, you see -
amanda.conf for the configuration I'm trying to refer to here is stored
under /etc/amanda/ks/archive. I set it up like that because I wanted to
group configs that would share data like the disklist. (So I have a
/etc/amanda/ks/disklist referenced by several different
/etc/amanda/ks/*/amanda.conf.) Maybe this was stupid, but it seemed like
a good idea at the time... In any case, I'm wondering why an explicit
test on the configuration name has (apparently) been introduced. Won't
you find out soon enough anyway whether it is correct or not? (I mean,
you just look for /etc/amanda/<config>/amanda.conf...)
--
Toralf Lund