[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 2.99.56pre4 config help
On Tue, Jun 10, 2003 at 11:28:20AM -0400, Ambrose LI wrote:
> In article <20030610174655.L27724@nic.funet.fi> you write:
> >I do think that current generations of router scripts (and
> >script language) are fairly immune to careless script writer,
> >and that built-in scripts are safe. However Ambrose's 2.99.54
> >might be another story.
>
> I am now running 2.99.56pre4 at home (the latest tar.gz from
> nic.funet.fi); one day ago I was running 2.99.50s11 (not 2.99.54).
>
> At the office we are running 2.99.56-pre1 (or so it claims; that
> was a CVS snapshot).
>
> Are these versions (.56pre4 and .56pre1) safe? If they are then
> is it fairly safe to re-enable the interactive routing subsystem?
Fairly safe. (*)
At .56* all known threats, and threat-models have been eliminated,
rendered unlikely, or otherwise harmless in the router scripts.
(E.g. since I eliminated the "process expanded strings as shell
commands", feeding choicy: "`rm -f /`"@foo.bar and having bad
local address handler script that carelessly handles expanded
variables... That is one of the threats, I had in mind, when
the shell variable expansion treatment was altered a while ago.)
(Manual testing needs proper quotation at entry-time, remember,
that thing is _shell_)
I trust them enough to run them at several of my systems.
(And at some systems I could run them, but have been lazy,
and not enabled them.)
> BTW the content filter seems to be running as root. (Perl's
> $< and $> are both 0.) Is this normal, is it a bug, or have I
> misconfigured my system?
That is normal. It could be running as 'trusted' (e.g. 'daemon'),
but I haven't had need for that, yet.
> Ambrose LI Cheuk-Wing <a.c.li@ieee.org>
--
/Matti Aarnio <mea@nic.funet.fi>
*) "unlikely" = "I have done my best, but the thing is darn
large and complex, and some things may contain surprises.."
Absolute certainly gets into deep common-criteria evaluation...
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi