
Documentation suggests vulnerable tempfile usage #759

Open
antong opened this issue Oct 9, 2018 · 5 comments
Labels
kind/documentation Documentation of cobra itself kind/security Related to projects/libraries that depend on cobra lifecycle/needs-pr Ready for a PR from the community

Comments

@antong

antong commented Oct 9, 2018

Examples in the documentation for cobra/doc suggest insecure tempfile usage:

err := doc.GenMarkdownTree(cmd, "/tmp")
@github-actions

github-actions bot commented Apr 8, 2020

This issue is being marked as stale due to a long period of inactivity

@antong
Author

antong commented Apr 10, 2022

This is a potential security issue. How can this be reopened?

@marckhouzam
Collaborator

Hi @antong, could you clarify what the security issue is, and whether writing to a generic temporary directory would be better for the example?

@antong
Author

antong commented Apr 10, 2022

Classic symlink attack: Say the command is cobra759. An attacker places a symlink /tmp/cobra759.md -> /home/bob/thesis.tex. Bob runs the code in the example, and his thesis is overwritten by the generated documentation. Or, if run by root, any file on the system can be overwritten or created. Modern Linux systems no longer allow this for directories with the sticky bit set (mainly /tmp), in order to prevent this kind of attack. Older Linux systems allow it, and I don't know about systems other than Linux. Anyway, in my opinion the documentation shouldn't encourage such use.
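The following is an added illustration of the safer pattern the thread is asking for, written for this page and not taken from cobra's documentation or code. It replaces the fixed, shared "/tmp" target from the original example with a freshly created private directory (os.MkdirTemp, mode 0700) and writes each generated page with O_CREATE|O_EXCL, so a path that already exists, whether a file or a symlink, is refused instead of being followed and overwritten. The generateDocs function is an assumed stand-in for doc.GenMarkdownTree that only mirrors its "<command path>.md" file naming; the "cobra759" command name comes from the comment above.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// newPrivateDocDir creates a fresh, uniquely named directory (mode 0700)
// instead of writing into the shared, world-writable /tmp. Because the name
// is unpredictable and the directory is created by this process, nobody can
// pre-plant a file or symlink under it. The prefix is a constructed example.
func newPrivateDocDir() (string, error) {
	return os.MkdirTemp("", "cobra759-docs-*")
}

// writeDocExclusive writes one generated page into dir. O_CREATE|O_EXCL makes
// the open fail if anything already exists at that path, including a symlink
// (even a dangling one), so a pre-existing link is never followed and an
// existing file is never clobbered.
func writeDocExclusive(dir, name string, data []byte) error {
	path := filepath.Join(dir, name)
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o644)
	if err != nil {
		return err
	}
	if _, err := f.Write(data); err != nil {
		f.Close()
		return err
	}
	return f.Close()
}

// generateDocs is an assumed stand-in for cobra's doc.GenMarkdownTree: it
// writes one "<command path>.md" page per command, with spaces replaced by
// underscores, and returns the paths it created. It stops at the first
// refusal so a planted path surfaces as an error instead of being skipped.
func generateDocs(dir string, commands []string) ([]string, error) {
	var written []string
	for _, c := range commands {
		name := strings.ReplaceAll(c, " ", "_") + ".md"
		body := []byte("## " + c + "\n\nGenerated documentation.\n")
		if err := writeDocExclusive(dir, name, body); err != nil {
			return written, err
		}
		written = append(written, filepath.Join(dir, name))
	}
	return written, nil
}

// refusesExisting reports whether err is the "already exists" failure that
// the exclusive create produces, so callers can report it clearly.
func refusesExisting(err error) bool {
	return errors.Is(err, fs.ErrExist)
}

func main() {
	dir, err := newPrivateDocDir()
	if err != nil {
		fmt.Println("cannot create private doc dir:", err)
		return
	}
	defer os.RemoveAll(dir)

	paths, err := generateDocs(dir, []string{"cobra759", "cobra759 sub"})
	if err != nil {
		fmt.Println("generation failed:", err)
		return
	}
	for _, p := range paths {
		fmt.Println("wrote", p)
	}

	// A second run into the same directory is refused rather than overwriting.
	if _, err := generateDocs(dir, []string{"cobra759"}); refusesExisting(err) {
		fmt.Println("refused to overwrite existing page:", err)
	}
}
```

The directory is owned by the caller and unpredictable, which removes the shared-/tmp race entirely; O_EXCL is the second layer, so that even a caller who passes a directory someone else can write to gets an error instead of a silently redirected write.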

@marckhouzam
Collaborator

Thanks @antong. Would you be able to post a PR to update the documentation to a safe example?

@marckhouzam marckhouzam reopened this Apr 11, 2022
@marckhouzam marckhouzam added lifecycle/needs-pr Ready for a PR from the community kind/documentation Documentation of cobra itself kind/security Related to projects/libraries that depend on cobra and removed kind/stale labels Apr 11, 2022