On 04/07/2015 10:37 PM, Mihai Moldovan wrote:
On 08.04.2015 03:30 AM, Orion Poplawski wrote:
I'm thinking that x2go's server scripts should use perl's "-T" taint mode to prevent searching user's paths and otherwise improve security. Thoughts?
Good idea! I'm in favor of this and will dig into that when having spare time.
However, there's more to that than just enabling taint mode, by a quick glimpse at http://perldoc.perl.org/perlsec.html#Taint-mode
That is, we actually have to make sure that the scripts still *work in taint mode* prior to just blindly enabling it.
Oh, it absolutely breaks things as they stand now. The first thing I noticed is that PATH will need to be explicitly set for anything that execs another script. But I'm glad to see support for the idea.
We're also using at least one setuid script, which deserves special care to make sure it continues to work.
-- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane orion@nwra.com Boulder, CO 80301 http://www.nwra.com