Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <CEA32CF0-DCF5-4746-9BDB-5AF9CEA1118A@dwheeler.com>
Date: Mon, 19 Apr 2021 11:01:54 -0400
From: "David A. Wheeler" <dwheeler@...eeler.com>
To: oss-security@...ts.openwall.com
Cc: security@...ian.org
Subject: Re: xscreensaver package caps gets raw socket

> On Sat, 17 Apr 2021 at 07:41:15 -0700, Tavis Ormandy wrote:
>> Oh, I also pitched using popen("/bin/ping" ..), but I think nobody is
>> really convinced that will work, but I kinda like it :)

On Apr 18, 2021, at 8:25 AM, Simon McVittie <smcv@...ian.org> wrote:

> That's consistent with the principle of least-privilege, and the widely
> cited Unix philosophy of having programs that do one thing well.
> 
> If you need to gain privileges, then I think that's a much, much better
> approach - ideally a new ping-like program that prints a machine-readable
> syntax rather than having to screen-scrape human-readable output, but
> if that's not available then ping itself is the next best thing.


I agree, running “ping” in a separate process
is FAR better than giving the “main” process
extra permissions it doesn’t actually need.
You’d have to be careful about the parameters sent, but that’s necessary anyway.
I don’t see the problem of calling /bin/ping, that sounds like the right answer.

Scraping is undesirable, but sometimes needed. If this is a common need, a
long-term solution might be to create an option on ping to generate a standard
format that’s easier to machine-parse.

--- David A. Wheeler

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.