[Click] Question: Script "cat" handler considered dangerous?
Bart Braem
bart.braem at ua.ac.be
Tue Jun 17 02:55:29 EDT 2008
On 16 Jun 2008, at 18:37, Eddie Kohler wrote:
> A quick question. I've justed added a handler to Click's Script
> element,
> accessible at userlevel, called "cat". This handler reads a file
> and returns
> its contents. For example:
>
> Script(set x $(cat /tmp/f))
>
> sets the script's "$x" variable to the contents of /tmp/f.
>
> This is pretty useful, but also potentially dangerous, since anyone
> who can
> call the Script's "cat" handler can read any file accessible to the
> click
> program. I am wondering if anyone finds this dangerous -- for
> example if
> someone is running ControlSocket. One possibility would be to make
> "cat"
> accessible within the config, and not from ControlSocket.
Hi Eddie,
Could you give an example of where this might be useful? I think there
is a large coupling between your system and your router if you need
this, but perhaps I'm mistaken.
I personally think it's dangerous, as a ControlSocket has no
authentication at all. For now that's not really a problem because of
the limited capabilities of a router, but it would become more
dangerous. We would have to be very careful not to write any code that
might result in that script being called. Also in new elements...
On the other hand, if one already runs Click as root, you should know
the implied dangers.
Regards,
Bart
--
Bart Braem
PATS research group - IBBT
Dept. of Mathematics and Computer Sciences
University of Antwerp
Campus Middelheim, G2.36
Middelheimlaan 1
B-2020 Antwerpen, Belgium
Phone: +32 (0)3 265.32.91
Fax: +32 (0)3 265.37.77
Web: www.pats.ua.ac.be
More information about the click
mailing list