[Issue 11365] Allow D source file names to have no extension

d-bugmail at puremagic.com d-bugmail at puremagic.com
Sat Oct 26 15:04:05 PDT 2013


http://d.puremagic.com/issues/show_bug.cgi?id=11365


Vladimir Panteleev <thecybershadow at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thecybershadow at gmail.com


--- Comment #1 from Vladimir Panteleev <thecybershadow at gmail.com> 2013-10-27 01:04:00 EEST ---
I should note that "auto-correcting" file names has security implications.

Let's suppose that there exists an upload script file, written in D, called
"upload", in the root of a web server's public directory. The upload script
goes like this:

#!rdmd
(code follows)

The upload script allows users to upload files with any name to the same
directory. Naturally, for security reasons, none of the uploaded files can be
executable, and it's not possible to overwrite the upload script by uploading a
file with the same name.

Now, what happens if someone uploads a file called "upload.d"?

The webserver runs "upload", which runs "rdmd upload", which runs "dmd upload",
which compiles the file "upload.d", and not "upload". The uploader successfully
got their code running on the server.

Possible solutions:
1) deprecate then remove all name auto-correction features from dmd and rdmd
2) forbid compilation if an ambiguity exists due to name auto-correction
(although now this turns from an RCE vulnerability into a DOS vulnerability)
3) remove auto-correction features from rdmd; make rdmd pass a flag to dmd that
disables name auto-correction

---------------------------------------------------

Another problem with this suggestion:

echo 'void main(){}' > foo.d
dmd foo
rm foo.d
dmd foo

dmd will now try to parse a compiled binary file as an executable.

-- 
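The scenario in the comment above, modelled as an added example (this is not dmd's or rdmd's own code, and it assumes the resolution rule the report describes: "dmd NAME" opens NAME.d when it exists and falls back to the bare NAME otherwise). It shows the lenient lookup that lets the uploaded "upload.d" win, the strict lookup of solution 2 that refuses on ambiguity, the exact lookup of solution 3, and, going beyond the report, an upload-side check that rejects any file name that collides with an existing file under auto-correction. All file contents are constructed placeholders.

```python
"""Model of the rdmd/dmd file-name auto-correction hazard from the bug report.

Added example, not dmd's or rdmd's own code. Assumption: the resolution rule is
the one the report describes (`dmd NAME` opens NAME.d when it exists, else NAME).
"""
import os
import tempfile

SOURCE_EXT = ".d"  # assumption: the only extension modelled; the report talks about .d


def resolve_lenient(name, directory):
    """Auto-correcting lookup as the report describes it: NAME.d wins over NAME,
    and a bare NAME (even a compiled binary) is used when NAME.d is absent."""
    exact = os.path.join(directory, name)
    corrected = os.path.join(directory, name + SOURCE_EXT)
    if not name.endswith(SOURCE_EXT) and os.path.isfile(corrected):
        return corrected
    if os.path.isfile(exact):
        return exact
    return None


class AmbiguousSourceName(Exception):
    """Raised when auto-correction would pick a file other than the one named."""


def resolve_strict(name, directory):
    """Solution 2 from the report: refuse to compile when both NAME and NAME.d
    exist, so a collision cannot silently redirect the compiler (the report
    notes this turns the RCE into a denial of service)."""
    exact = os.path.join(directory, name)
    corrected = os.path.join(directory, name + SOURCE_EXT)
    has_exact = os.path.isfile(exact)
    has_corrected = not name.endswith(SOURCE_EXT) and os.path.isfile(corrected)
    if has_exact and has_corrected:
        raise AmbiguousSourceName(f"{name!r} and {name + SOURCE_EXT!r} both exist")
    if has_corrected:
        return corrected
    if has_exact:
        return exact
    return None


def resolve_exact(name, directory):
    """Solution 3 from the report: no auto-correction at all; only the literal
    file name is ever opened."""
    exact = os.path.join(directory, name)
    return exact if os.path.isfile(exact) else None


def upload_name_is_safe(filename, directory):
    """Upload-side check (goes beyond the report): reject a name that equals,
    auto-corrects to, or is auto-corrected from, an existing file."""
    base = os.path.basename(filename)
    if base != filename or base in ("", ".", ".."):
        return False  # path components or empty names are never accepted
    stem = base[: -len(SOURCE_EXT)] if base.endswith(SOURCE_EXT) else base
    for collide in (stem, stem + SOURCE_EXT):
        if os.path.exists(os.path.join(directory, collide)):
            return False
    return True


def demo():
    """Reproduce the report's two scenarios in a scratch directory and return
    what each resolution rule does. File contents are constructed placeholders."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "upload"), "w") as f:
            f.write("#!rdmd\nvoid main() {}\n")  # the site's script, no extension
        # The upload-side check rejects "upload.d" because "upload" exists ...
        results["safe_before_attack"] = upload_name_is_safe("upload.d", d)
        # ... and accepts an unrelated name.
        results["safe_unrelated"] = upload_name_is_safe("notes.txt", d)
        with open(os.path.join(d, "upload.d"), "w") as f:
            f.write("void main() { /* attacker code */ }\n")  # the uploaded file
        results["lenient"] = os.path.basename(resolve_lenient("upload", d))
        try:
            resolve_strict("upload", d)
            results["strict"] = "compiled"
        except AmbiguousSourceName:
            results["strict"] = "refused"
        results["exact"] = os.path.basename(resolve_exact("upload", d))
        # Second scenario: foo.d was compiled to foo and then removed, so the
        # lenient lookup hands the compiled binary to the compiler as source.
        with open(os.path.join(d, "foo"), "wb") as f:
            f.write(b"\x7fELF")  # constructed stand-in for a compiled binary
        results["stale_binary"] = os.path.basename(resolve_lenient("foo", d))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The upload-side check is the mitigation a web application can apply today regardless of which of the three compiler-side solutions is adopted: it treats NAME and NAME.d as the same reservation, so neither can be uploaded while the other exists.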