Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!watmath!clyde!rutgers!seismo!lll-lcc!styx!twg-ap!amdahl!pyramid!decwrl!decvax!tektronix!uw-beaver!tikal!sigma!bill From: bill@sigma.UUCP Newsgroups: comp.os.minix Subject: Re: minix shar- is this a sensible thought ? Message-ID: <1051@sigma.UUCP> Date: Fri, 6-Feb-87 14:04:09 EST Article-I.D.: sigma.1051 Posted: Fri Feb 6 14:04:09 1987 Date-Received: Sun, 8-Feb-87 08:28:19 EST References: <1717@hoptoad.uucp> <552@atari.UUCP> Reply-To: bill@sigma.UUCP (William Swan) Organization: Summation Inc, Kirkland WA Lines: 32 In article <552@atari.UUCP> apratt@atari.UUCP (Allan Pratt) writes: >In article <1717@hoptoad.uucp>, gnu@hoptoad.uucp (John Gilmore) says: >>In article <962@osiris.UUCP>, mjranum@osiris.UUCP (Marcus Ranum) writes: >>>What if we all agree that postings of MINIX material be in of tar format. >> Shar ... has the advantage that it is text [...] > >The problem I see with Shar is the ... Trojan Horse loophole ... When you >turn your machine over to somebody else's command script, AT YOUR OWN >COMMAND PROMPT, you're just asking for trouble. A special "unshar" script, >which only lets the shar run certain commands and put files in certain >directories, would be an appropriate patch to this. > >Makefiles also introduce this security problem.. The big problem is in safely unpacking the file. Beyond that you are on your own, as trojan horses could be placed in the makefile or the code itself. The script or C program to unpack the shar file is an excellent solution. It has already been done, albeit for (don't laugh) cp/m machines, which of course don't have 'sh', requiring that ALL commands to be recognized be built into the unshar program. This is the safest route. There should be concensus on the particular shar format to be used, to avoid the mess we currently have with the many different formats in use and complex "unshar" scripts that figure out which one was used. -- William Swan {ihnp4,decvax,allegra,...}!uw-beaver!tikal!sigma!bill chan 'eil Gaidhlig math againn /kha nel' gal'ig' mweh ag0n'/ (we do not speak good Gaelic)