Re: Perforce client: security hole by design
On Thu, Jan 04, 2007 at 08:03:34PM +0100, Ben Bucksch wrote:
[...]
> = Proposed fix =
>
> The problem at hand could be easily fixed by letting the client check
> out only in the current directory (or one specified by the user on the
> commandline or GUI, preferences stored locally), no matter what the
> server says. It may put files anywhere underneath that directory, but
> never higher or otherwise outside. It must never adhere to absolute
> paths from the server. This does require some changes to how client
> specs work, though.
[...]
Having not used the product, it's hard to say, but it sounds like
chrooting the client differently for each project on which you're
using it would be a suitable hack to provide a workaround, if a
slightly inefficient one. Of course, I agree this is no substitute
for fixing the application design (and likewise the behavior of the
developers responsible).
--
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@xxxxxxxxxxx); IRC(fungi@xxxxxxxxxxxxxxx#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@xxxxxxxxxxx);
MUD(fungi@xxxxxxxxxxxxxxxxxx:6669); WWW(http://fungi.yuggoth.org/); }