nrpe, arguments and security

[Andreas Ericsson]

Peter Åstrand wrote:
> On Tue, 30 Nov 2004, Andreas Ericsson wrote:
> 
> 
>>>+#define ALLOWED_ARGUMENT_CHARS  " !abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
>>> 
>>
>>! is not currently in the safe-by-default list, as it is treated 
>>different depending on where your /bin/sh points to. ,.% are, though.
> 
> 
> But ! will never reach the shell, since it's just the internal argument 
> separator. 
> 
> 

Each argument is parsed individually.

Theoretically one could get by simply by adding single quotes around the 
argument and escaping all single quotes within it.
echo 'arg; cat /etc/passwd' is perfectly safe with all shells I'm aware of.

> 
>>I've already implemented whitelist argument chars in current NRPE (which 
>>isn't publicly available, since I haven't gotten the PK authentication 
>>to work properly). Thanks for participating though.
> 
> 
> It would be great if this issue could be resolved as soon as possible. Is 
> it possible that you can add your "whitelist" implementation separated 
> from the PK stuff? 
> 

Possibly, but code is in flux right now so in that case it'll be a 
little while before I get things straightened out.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Lead Developer


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/