proxy: proxy_child hardening #578

Open
wants to merge 1 commit into
base: master
from

@amitkumar50
Contributor

commented May 23, 2018

proxy_child will call chdir("/"), umask(022)
and reset the environment with clearenv().

The --domain argument is to be sanitized.

Resolves: https://pagure.io/SSSD/sssd/issue/2689

proxy: proxy_child hardening
proxy_child will call chdir("/"), umask(022)
and reset the environment with clearenv().

The --domain argument is to be sanitized.

Resolves: https://pagure.io/SSSD/sssd/issue/2689
@centos-ci

Collaborator

commented May 23, 2018

Can one of the admins verify this patch?

@amitkumar50

Contributor Author

commented May 23, 2018

Sanitizing the --domain argument is to be worked upon. Your thoughts on this?

@jhrozek

Contributor

commented May 23, 2018

ok to test

@jhrozek

Contributor

commented May 23, 2018

@mzidek-rh do we already have some code that checks the name of the domain is valid? The man page says that only alphanumerical characters, dashes and underscores are allowed, but I can't find any code that would enforce this.

@mzidek-rh

Contributor

commented Jul 12, 2018

@jhrozek Hi, sorry, I missed the question before (thanks @fidencio for the notice). AFAIK we do not sanitize the domain name, nor do we check if it is a valid domain name.

Slightly related: we have some sssctl config-check rules for the domain section name (but I think they were problematic in some way; I think the rules are too benevolent and also allow invalid domain names, because we did not want to be too restrictive in domain names, but I would have to check the config-check code again to see if this was the case).
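
The three hardening calls from the PR description, together with a check for the character set quoted from the man page in this thread, as an added C example that is not code from the SSSD patch. The names `harden_child` and `domain_name_is_valid`, the 255-byte length cap and the sample domain value are assumptions made for illustration.

```c
#define _GNU_SOURCE            /* clearenv() and strnlen() on glibc */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed length cap; the thread does not give one. */
#define DOMAIN_NAME_MAX 255

/* True only for non-empty names made of [A-Za-z0-9_-]. */
static bool domain_name_is_valid(const char *name)
{
    if (name == NULL) return false;
    size_t len = strnlen(name, DOMAIN_NAME_MAX + 1);
    if (len == 0 || len > DOMAIN_NAME_MAX) return false;

    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        /* Explicit ASCII ranges; isalnum() would depend on the locale. */
        bool ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                  (c >= '0' && c <= '9') || c == '-' || c == '_';
        if (!ok) return false;
    }
    return true;
}

/* The three steps from the PR description. Returns 0 on success, -1 on failure. */
static int harden_child(void)
{
    if (chdir("/") != 0) return -1;   /* do not pin the caller's directory */
    umask(022);                       /* new files: no group/other write */
    if (clearenv() != 0) return -1;   /* drop every inherited variable */
    return 0;
}

int main(int argc, char *argv[])
{
    /* Constructed sample value, used when no argument is given. */
    const char *domain = (argc > 1) ? argv[1] : "proxy_dom-1";
    if (!domain_name_is_valid(domain)) {
        fprintf(stderr, "invalid domain name\n");
        return 2;
    }
    if (harden_child() != 0) { perror("harden_child"); return 1; }
    printf("hardened, domain=%s\n", domain);
    return 0;
}
```

Rejecting the name before it is used anywhere keeps characters such as `/`, `.` and whitespace out of any path or identifier later built from `--domain`.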
