[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

es security



the list's been kinda quiet lately. all enjoying your hols?

i've got to write a script which is supposed to be slightly secure (yeah, right,
i know, but there you go). i was going to use perl, since it's supposed to
support such things, but then i thought, hey, why not use rc or es? after all,
they don't suffer from rescanning attacks.

es has a problem, though. being the wonderfully customisable beastie that it
is, i presume that i haven't got any way to ensure that i've got "safe" shell,
without explicitly redefining all the hook functions in terms of their
primitives. after all, setting path to (/bin /usr/ucb) isn't much good if
%pathsearch is search $hacked_path...

i know es wasn't intended for writing secure scripts, but i thought i'd
mention it.

steve