[scponly] Anyone ever look at the darcs-compat patch?

Kaleb Pederson kibab at icehouse.net
Fri Jul 13 01:24:19 EDT 2007 

I wouldn't want to look at configuration files, but if there is a way that we 
can guarantee that they can't execute a program outside of that, I'll 
consider it.

BTW, the latest CVS for scponly provides complete getopt_long processing, 
which can be used against all these arguments (as long as they are getopt or 
getopt_long style options) quite easily -- it's the defaults that I was 
worried about (and I didn't do as much research as I would need to be certain 
enough to allow it into CVS).

Thanks again.

--Kaleb



On Thursday 12 July 2007, Dan Knapp wrote:
> Hm, I didn't think of that.  I have to admit that's reasonable.
>
> Hypothetically, what if I were able to have it verify that there
> aren't any hooks that will be run?  I'm not immediately sure how I'd
> do that; but if you're at least tentatively open to the possibility, I
> can look into it.  I think it might be as simple as making sure the
> --no-posthook option is present (adding it if it's not), although
> potentially it could also involve looking at the defaults... the
> latter sounds kind of fragile and would be better to avoid, of course.
>
> Either way, thanks for your time.
>
> On 7/12/07, Kaleb Pederson <kibab at icehouse.net> wrote:
> > Hi Dan,
> >
> > I finally had a chance to look at your darcs-compat patch.  I can't
> > accept it because darcs provides a number of different ways that users
> > can run programs.
> >
> > For example:
> >
> > `darcs put --help` lists off:
> >
> > --posthook=COMMAND   specify command to run after this darcs command.
> >
> > A more comprehensive list is:
> >
> > --diff-command=COMMAND
> > --external-merge=COMMAND
> > --posthook=COMMAND
> > --sendmail-command=COMMAND
> >
> > To further complicate matters you can specify the command to run in the
> > configuration file.  For example:
> >
> > _darcs/prefs/defaults:
> >
> > apply posthook find . -user "$USER" -a ! -perm +g+w -exec chmod g+w '{}'
> > ';'
> >
> > Thus, even if we were able to process the command line arguments, there
> > are other ways that the user would be able to execute commands.
> >
> > Thank you for your efforts.
> >
> > --Kaleb
> >
> > On Thursday 21 June 2007, Kaleb Pederson wrote:
> > > Hi Dan,
> > >
> > > I'm working on a few bug fixes (one of which just went into CVS), and
> > > then I plan on looking at the new features, including this one.  I
> > > really haven't forgotten :).
> > >
> > > Thanks.
> > >
> > > --Kaleb
> > >
> > > On Thursday 21 June 2007, Dan Knapp wrote:
> > > > It's been a couple weeks now since people said they'd take a look at
> > > > my darcs-compat patch when they had the chance, and I haven't heard
> > > > back.  Has anybody done that yet?  I understand that you're
> > > > essentially volunteers (and thanks!), so there's no obligation, but I
> > > > just thought I'd send a note so it doesn't get lost in the shuffle.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070712/f84788f1/attachment.bin

More information about the scponly mailing list