zsh-workers
From: "Richard Hartmann" <richih.mailinglist@gmail.com>
To: "Zsh Workers" <zsh-workers@sunsite.dk>
Subject: Security hole in history handling for root
Date: Thu, 1 Jan 2009 15:32:47 +0100
Message-ID: <2d460de70901010632q3f2c1156x36a8d1e8a4445dd4@mail.gmail.com>

Hi all,

zsh does not complain when loading from or writing
to a history file which is not owned by root or 600.

My suggestion is that a warning similar to compaudit's
is introduced, both on loading and writing. People who
share history between root and their normal users might
appreciate an option to turn this off, but personally, I
think that is bad style, anyway.

For reference:

roadwarrior ~ # l .zsh_history
-rw-rw-rw- 1 richih richih 78515 2009-01-01 15:23 .zsh_history
roadwarrior ~ # zsh
roadwarrior ~ # mv .zsh zsh
roadwarrior ~ # ln -s /home/richih/.zsh .zsh
roadwarrior ~ # zsh
zsh compinit: insecure directories, run compaudit for list.
Ignore insecure directories and continue [y] or abort compinit [n]?


Richard
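The check proposed above, written out as an added example (this is not code from zsh or from the author of the message). It mirrors the compaudit rule rather than the strict "root and 600" wording: the history file must be a regular file (not a symlink, which refuses the /home/richih/.zsh trick shown in the transcript), owned by the current user or by root, and not writable by group or other. The function name histaudit, the diagnostic text, and the use of GNU stat with a BSD stat fallback are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of zsh: a compaudit-style ownership and
# permission check for a history file.
# Assumes GNU stat (Linux) and falls back to BSD/macOS stat.
#
# histaudit FILE
#   returns 0 silently if FILE does not exist yet or is safe to load from
#   and write to; otherwise prints one diagnostic per problem on stderr
#   and returns 1.
histaudit() {
    file=$1

    # Nothing on disk yet: the shell will create the file with its own umask.
    if [ ! -e "$file" ] && [ ! -L "$file" ]; then
        return 0
    fi

    # A symlink lets another user redirect what root reads and writes
    # (e.g. ln -s /home/someone/.zsh_history), so refuse it outright.
    if [ -L "$file" ]; then
        echo "histaudit: insecure history file: $file is a symbolic link" >&2
        return 1
    fi
    if [ ! -f "$file" ]; then
        echo "histaudit: insecure history file: $file is not a regular file" >&2
        return 1
    fi

    # Numeric owner uid and octal permission bits, e.g. "1000 644".
    set -- $(stat -c '%u %a' "$file" 2>/dev/null || stat -f '%u %Lp' "$file")
    owner=$1 mode=$2
    rc=0

    # Like compaudit: the current user or root may own the file, nobody else.
    if [ "$owner" != "$(id -u)" ] && [ "$owner" != 0 ]; then
        echo "histaudit: insecure history file: $file is owned by uid $owner" >&2
        rc=1
    fi

    # 022 (octal) selects the group-write and other-write bits; the leading
    # 0 makes the arithmetic read $mode as octal. 600 and 644 pass, 666 fails.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "histaudit: insecure history file: $file is group/world writable (mode $mode)" >&2
        rc=1
    fi

    return $rc
}
```

To use it the way the message suggests, call it from the startup file before history is read, e.g. `histaudit "${HISTFILE:-$HOME/.zsh_history}" || unset HISTFILE`, which warns and then keeps the session from touching the untrusted file; a user who deliberately shares history can skip the call.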


Thread overview: 6+ messages
2009-01-01 14:32 Richard Hartmann [this message]
2009-01-21 16:54 ` Richard Hartmann
2009-01-21 17:18   ` Peter Stephenson
2009-01-21 17:54     ` Richard Hartmann
2009-01-21 18:04       ` Peter Stephenson
2009-01-21 23:06         ` Richard Hartmann
