[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Savannah CVSROOT enhancement
|
From: |
James E. Blair |
|
Subject: |
[Savannah-hackers] Savannah CVSROOT enhancement |
|
Date: |
Tue, 06 Jan 2004 11:12:15 -0500 |
|
User-agent: |
Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux) |
To improve security in the CVS repositories on Savannah, we have
disallowed writing to files in the CVSROOT directory. Most of them
allow users to instruct CVS to run arbitrary code, and we believe this
opens Savannah up to potential remote exploits.
Many of these files are important for the proper functioning of CVS
and are especially necessary for more complex repositories. We need
to enable the functions that these files provide, but in a safe
manner. Therefore we propose an enhancement to Savannah to provide a
web interface to administer these files safely.
1) The interface will support administering several files in CVSROOT.
It should initially support these files and should be easily
extensible to support others:
commitinfo
loginfo
cvswrappers
modules
2) For "commitinfo" and "loginfo" the system needs to allow users to
select from a fixed set of programs already installed in the
system, which should be easily extensible. Users should be able to
select which program to run (ex: log_accum), the regex to match,
and any command line arguments for the program.
Here is an example line from loginfo:
^emacs /usr/local/bin/log_accum -T emacs -C -m address@hidden address@hidden
-s %{sVv}
And an example from commitinfo:
^emacs /usr/local/bin/commit_prep -T emacs -r
3) For "cvswrappers" we need to allow users to specify regexes, and -m
or -k flags for files (but not the -f or -t flags which can be
dangerous):
*.gif -k 'b'
4) For "modules" users should be able to specify -d and -l flags as
well as use the & syntax, but not any of the "Run" options (-ioetu)
or the -a alias option.
5) The web interface will write data to new tables in the database,
and new backend scripts will sanity check the values, properly
shell escape the arguments to programs, and write out the files to
CVSROOT.
Would someone from savannah-hackers please volunteer to perform this
work?
Thank you.
James Blair
FSF Systems Administrator
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-hackers] Savannah CVSROOT enhancement,
James E. Blair <=