Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: filename ... has invalid characters

2006-06-12 15:25:09
Subject: Re: filename ... has invalid characters
From: "John Franks" <jrfranks AT zmanda DOT com>
To: <amanda-hackers AT amanda DOT org>, "Amanda Mailing List" <amanda-users AT amanda DOT org>, "Toralf Lund" <toralf AT procaptura DOT com>
Date: Mon, 12 Jun 2006 12:14:21 -0700 
Hi Toralf,
First off, I rather like your approach to configuration files.

A little research shows that the explicit test was introduced to plug
a security hole reported by PERL... See BUG #1353481 for more information.

I'm piping in here, and expanding the audience to include amanda_hackers,
since the change seems to impact my work on allowing spaces in file names.
(Currently checked into sourceforge 2.5.1 branch.)
The current check is a little too strict and will strip out spaces and control
characters, all of which are valid according to POSIX rules.
(POSIX allows any character except '/' or NULL is allowable.)

I'm proposing an alternate solution to our mutual problems:
 Sanitize file name by simply rejecting any '..' path component
 in a configuration name.

This should allow any arbitrary character in the configuration name
and prevent any attempts to use a configuration outside of the
amanda configuration directory.

Toralf: will this work for you?
Hackers: will this pass security muster?

Regards,
John
----- Original Message ----- From: "Toralf Lund" <toralf AT procaptura DOT com> 
To: "Amanda Mailing List" <amanda-users AT amanda DOT org>
Sent: Monday, June 12, 2006 2:35 AM
Subject: filename ... has invalid characters 


I'm now testing amanda 2.5.0p2. First problem:

# amstatus ks/archive
filename 'ks/archive' has invalid characters.
I suppose the problem here is that I specified a filename containing "/", but I actually did this on purpose, and it has always worked in the past. I'm using multiple directory levels under /etc/amanda, you see - amanda.conf for the configuration I'm trying to refer to here is stored under /etc/amanda/ks/archive. I set it up like that because I wanted to group configs that would share data like the disklist. (So I have a /etc/amanda/ks/disklist referenced by several different /etc/amanda/ks/*/amanda.conf.) Maybe this was stupid, but it seemed like a good idea at the time... In any case, I'm wondering why an explicit test on the configuration name has (apparently) been introduced. Won't you find out soon enough anyway whether it is correct or not? (I mean, you just look for /etc/amanda/<config>/amanda.conf...) 

--
Toralf Lund
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: dump tape full?, Kristian Rink
Next by Date:  Re: dump tape full?, Jon LaBadie
Previous by Thread:  filename ... has invalid characters, Toralf Lund
Next by Thread:  Re: filename ... has invalid characters, Toralf Lund
Indexes:  [Date] [Thread] [Top] [All Lists]