<span style="font-family: courier new,monospace;">Problem:</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">I'm providing a mechanism so that a system can be configured<br>
to 'run' executables</span><span style="font-family: courier new,monospace;"> on remote machines based on configuration<br>information submitted in a CGI text field.</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">Obviously I don't want to allow the user to trash the system.</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">I'm going to:</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">1/ restrict the system to allow it to only execute 'trusted' apps<br>
located in a 'known' directory. (can I make a chroot jail in Perl/CGI?)<br><br style="font-family: courier new,monospace;"></span><span style="font-family: courier new,monospace;">2/ strip characters from the invocation string that could be used to hurt me:</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> semicolon - because another malicious command could follow<br> backtic - because that could run another program<br> ( ) - because that could invoke a sub-shell to run ...<br>
| - because that could invoke ...<br> & - because other stuff might follow<br> > - because that could clobber an important file<br><br> any \0xxx string that represents any of the above 'nasty' characters.<br>
<br>Tainging only talks about the concept, not what to de-taint.<br><br>- Are there any other things I should check for/prevent?<br>- Is there any standard/common resource on the web that you<br> know of that talks about this (that I haven't found yet)?<br>
<br>TIA<br>Fulko<br><br><br style="font-family: courier new,monospace;"></span>