[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

gEDA-bug: [Bug 700333] Re: Local configuration should be parsed, not evaluated

To: geda-bug@xxxxxxxx
Subject: gEDA-bug: [Bug 700333] Re: Local configuration should be parsed, not evaluated
From: "John P. Doty" <jpd@xxxxxxxxx>
Date: Sun, 09 Jan 2011 04:17:46 -0000
Delivered-to: archiver@xxxxxxxx
Delivered-to: geda-bug@xxxxxxxx
Delivery-date: Sat, 08 Jan 2011 23:25:56 -0500
List-archive: <http://www.seul.org/pipermail/geda-bug>
List-help: <mailto:geda-bug-request@moria.seul.org?subject=help>
List-id: gEDA bug mailing list <geda-bug.moria.seul.org>
List-post: <mailto:geda-bug@moria.seul.org>
List-subscribe: <http://www.seul.org/cgi-bin/mailman/listinfo/geda-bug>, <mailto:geda-bug-request@moria.seul.org?subject=subscribe>
List-unsubscribe: <http://www.seul.org/cgi-bin/mailman/options/geda-bug>, <mailto:geda-bug-request@moria.seul.org?subject=unsubscribe>
References: <m3ei8n5u4c.fsf@xxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: Bug 700333 <700333@xxxxxxxxxxxxxxxxxx>, gEDA bug mailing list <geda-bug@xxxxxxxxxxxxxx>
Sender: geda-bug-bounces@xxxxxxxxxxxxxx

This isn't only a security problem. Tools that don't use libgeda still
need to be able to read the configuration. Such tools may not be written
in Scheme, and in any case won't contain the definitions from libgeda.

Another issue is that local configuration files need to override system
and user configuration settings. Therefore, for clarity and discipline,
the system and user configurations should also be parsed but not
evaluated. And, of course, the tools mentioned above need to read these
too.

-- 
You received this bug notification because you are a member of gEDA Bug
Team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/700333

Title:
  Local configuration should be parsed, not evaluated

Status in GPL Electronic Design Automation tools:
  New

Bug description:
   affects geda
 security yes
 private no
 done

Currently, per-directory rc files are evaluated as Scheme scripts.  This
is an arbitrary code execution security risk.  For example, users (and
in particular *new* users) are likely to want to download and open
designs from elsewhere, and almost all designs include a 'gafrc' file to
set up per-project component libraries.

Instead of being evaluated, local configuration files should be parsed.
This way it would be much harder to craft malicious designs.

An example of a parsable configuration file format is the resource file
format used by PCB.

In addition, a tool should be developed for migrating existing designs'
rc files to the any configuration system.





_______________________________________________
geda-bug mailing list
geda-bug@xxxxxxxxxxxxxx
http://www.seul.org/cgi-bin/mailman/listinfo/geda-bug

References:
- gEDA-bug: [Bug 700333] [NEW] Local configuration should be parsed, not evaluated
  - From: Peter TB Brett

Prev by Author: gEDA-bug: unsubsribe
Next by Author: gEDA-bug: [Bug 698803] Re: gschem: Feedback for state of rubberband and outline mode
Next by thread: gEDA-bug: [ geda-Patches-3149702 ] Fix warning on moving over menu-item without action
Index(es):
- Author
- Thread