DMD 1.005 release [security concerns about ImportExpressions]

Andrei Alexandrescu (See Website For Email) SeeWebsiteForEmail at erdani.org
Sat Feb 10 10:38:24 PST 2007


Jeff McGlynn wrote:
> On 2007-02-06 23:51:17 -0800, "Andrei Alexandrescu (See Website For 
> Email)" <SeeWebsiteForEmail at erdani.org> said:
> 
>> Vladimir Panteleev wrote:
>>> On Tue, 06 Feb 2007 06:54:18 +0200, Walter Bright 
>>> <newshound at digitalmars.com> wrote:
>>>
>>>> http://www.digitalmars.com/d/changelog.html
>>>
>>> Hmm. What would prevent someone from writing programs like:
>>>    writef(import("/etc/passwd"));
>>> and trick someone into compiling this program for them (under the pretext 
>>> that they don't have a D compiler, for example) to steal the user 
>>> list (or the contents of any other file with a known absolute or 
>>> relative path on the victim's system)?
>>>
>>> IMO, the compiler should at least issue a warning when importing a 
>>> file not located in/under the source file's directory. Although, if 
>>> the source emits a lot of pragma(msg) messages, the warning might get 
>>> cluttered by those - or this might be concealed in a large program 
>>> with a lot of files. A better security-wise solution is to disallow 
>>> importing files outside the source file's directory, unless specified 
>>> by the user on the command-line.
>>
>> How would the bad person see the output of the compilation?
>>
>> Andrei
> 
> 
> By asking someone else to compile code for you and send back the 
> executable.  Some services exist for compiling C/C++ on the web and this 
> concern would prevent people from doing the same with D.

I see. This is a new scenario indeed. Given previous experience with 
TeX, it looks like the compiler switch approach could take care of it.

Andrei
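
The restriction proposed in the thread (file imports confined to the source file's directory unless the user allows more on the command line), sketched as an added example; it is not part of the original messages and not DMD's code. `resolve_import`, `extra_roots` and the sample tree are hypothetical, and the symlink case assumes a POSIX file system.

```python
import os
import tempfile

class ImportDenied(Exception):
    """A compile-time file import resolved outside every allowed root."""

def _inside(path, root):
    try:
        return os.path.commonpath([path, root]) == root
    except ValueError:  # paths on different drives (Windows)
        return False

def resolve_import(name, source_dir, extra_roots=()):
    """Return the real path for import(name) or raise ImportDenied.
    extra_roots: directories the user allowed on the command line (assumed)."""
    roots = [os.path.realpath(r) for r in (source_dir, *extra_roots)]
    candidates = [name] if os.path.isabs(name) else [os.path.join(r, name) for r in roots]
    for cand in candidates:
        real = os.path.realpath(cand)  # collapses ".." and follows symlinks
        if os.path.isfile(real) and any(_inside(real, r) for r in roots):
            return real
    raise ImportDenied(name)

def demo():
    """Build a constructed source tree and report which imports are allowed."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "project", "src")
        outside = os.path.join(tmp, "outside")
        os.makedirs(src)
        os.makedirs(outside)
        secret = os.path.join(outside, "secret.txt")
        for path in (os.path.join(src, "data.txt"), secret):
            with open(path, "w") as f:
                f.write("constructed sample\n")
        os.symlink(secret, os.path.join(src, "link.txt"))
        def allowed(name, extra=()):
            try:
                resolve_import(name, src, extra)
                return True
            except ImportDenied:
                return False
        return {
            "local": allowed("data.txt"),
            "traversal": allowed("../../outside/secret.txt"),
            "absolute": allowed(secret),
            "symlink": allowed("link.txt"),
            "user_allowed": allowed("secret.txt", extra=[outside]),
        }

if __name__ == "__main__":
    print(demo())
```

The caller should open the returned real path rather than resolving the name a second time, so the file that was checked is the file that is read.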


