|
Message-Id: <CEA32CF0-DCF5-4746-9BDB-5AF9CEA1118A@dwheeler.com> Date: Mon, 19 Apr 2021 11:01:54 -0400 From: "David A. Wheeler" <dwheeler@...eeler.com> To: oss-security@...ts.openwall.com Cc: security@...ian.org Subject: Re: xscreensaver package caps gets raw socket > On Sat, 17 Apr 2021 at 07:41:15 -0700, Tavis Ormandy wrote: >> Oh, I also pitched using popen("/bin/ping" ..), but I think nobody is >> really convinced that will work, but I kinda like it :) On Apr 18, 2021, at 8:25 AM, Simon McVittie <smcv@...ian.org> wrote: > That's consistent with the principle of least-privilege, and the widely > cited Unix philosophy of having programs that do one thing well. > > If you need to gain privileges, then I think that's a much, much better > approach - ideally a new ping-like program that prints a machine-readable > syntax rather than having to screen-scrape human-readable output, but > if that's not available then ping itself is the next best thing. I agree, running “ping” in a separate process is FAR better than giving the “main” process extra permissions it doesn’t actually need. You’d have to be careful about the parameters sent, but that’s necessary anyway. I don’t see the problem of calling /bin/ping, that sounds like the right answer. Scraping is undesirable, but sometimes needed. If this is a common need, a long-term solution might be to create an option on ping to generate a standard format that’s easier to machine-parse. --- David A. Wheeler
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.