|
From: | Alexander Jones |
Subject: | Re: [Bug-ed] "red" doesn't restrict like "ed -r" |
Date: | Sat, 17 Jan 2015 17:16:41 -0600 |
User-agent: | KMail/4.14.2 (Linux/3.2.0-75-generic; KDE/4.14.2; x86_64; ; ) |
On Saturday, January 17, 2015 16:33:31 Tim Chase wrote: > To reproduce: > > $ uname -a > Linux laptop 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u3 x86_64 > GNU/Linux > $ red --version | head -1 > GNU Ed 1.6 > $ file `which red` > /usr/bin/red: symbolic link to `/bin/ed' > $ pwd > /home/tim > $ echo hello > edit_this.txt > $ red edit_this.txt > 6 > e /etc/passwd > 2120 > !pwd > /home/tim > ! > q > $ > > Based on the documentation[1], "A restricted version of ed, red, can > only edit files in the current directory and cannot execute shell > commands" which is the same as "ed -r". However, as best I can tell > from looking at the source[2], neither 1.10 nor 1.11rc1 has anything > in the source that looks for argv[0] being "red" rather than "ed" (and > thus "restricted_" doesn't get set accordingly, meaning that invoking > red(1) doesn't appear restrict file/shell access). > > Invoking as "ed -r" appears to work without issues. > > -tkc >
I think the issue is in the Debian packaging. In the ed source distribution, red is built as a shell script executing "ed --restricted". The Debian package must be setting /usr/bin/red as a symlink to /bin/ed instead of installing the built shell script to that location.
Alexander
|
[Prev in Thread] | Current Thread | [Next in Thread] |