[Issue 15584] Security issue: symlink attack

via Digitalmars-d-bugs digitalmars-d-bugs at puremagic.com
Thu Jan 21 18:09:05 PST 2016


https://issues.dlang.org/show_bug.cgi?id=15584

--- Comment #6 from Cédric Picard <cpicard at openmailbox.org> ---
@ketmar

This not an issue about executing code. This is a case where the victim doesn't
have to execute *any* line of the given program, not one line, compiling it is
enough to be attacked.

Besides even if it were about executing code note that we already decided that
as long as it is in the compilation process it was an issue. Otherwise why did
we bother enforce that the compiler can't read or write arbitrary files during
CTFE? Isn't it because we know that we can't expect the user to carefully read
every line of the code he is compiling and that the compiler had some
responsability reguarding this in the compilation process?

I stand on my position, an attack is possible that requires only to run the
compiler without passing it any special argument, without executing any script
and without executing the resulting program. It is of the responsability of the
compiler.

--


More information about the Digitalmars-d-bugs mailing list