QProcess Security and KSaveFile::rcsBackupFile()

Martijn Klingens klingens at kde.org
Tue Feb 7 16:34:54 GMT 2006


On Friday 03 February 2006 02:05, Allen Winter wrote:
> On Thursday 02 February 2006 04:02, Gregory Hayes wrote:
> > That is a good point, I didn't think of the path issue! I believe the LSB
> > specifies /usr/bin as the RCS default, but other platforms may pop it in
> > a different part of the tree. Is there a way to just remove "." from the
> > QProcess $PATH? If not I would suggest "/bin:/usr/bin:/usr/local/bin"
> > (but someone could be creative and stick it in /opt/rcs-5.7/bin or
> > something). RCS is likely "rcs.exe" on Windows too, so we may need to
> > massage that as well (if it matters to QProcess).
>
> I just committed a change that uses the $PATH you suggest.

That runs shell commands though. As long as qFilename is properly quoted it 
doesn't allow arbitrary command execution per se, but it still seems like a 
needless security risk to me.

Why don't you pass the result of KStandardDirs::findExe instead of relying 
on /usr/bin/env?

See
http://developer.kde.org/documentation/library/cvs-api/kdelibs-apidocs/kdecore/html/classKStandardDirs.html#e1

That also makes it somewhat more portable towards non-Unix platforms where the 
'VAR=value cmd --args' style of invocation is often unavailable. (Not to 
mention that /usr/bin/env is often unavailable, but so is rcs probably as 
well, making this possibly a moot point.)

-- 
Martijn
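
The lookup suggested in this message, as an added example that is not part of the original post and is not kdelibs code: resolve the program against a fixed list of absolute directories, then start it with an argument vector instead of a shell command line. It stands in for KStandardDirs::findExe using plain POSIX calls; findTrustedExe and runNoShell are hypothetical names.

```cpp
// Added example (not kdelibs code): findTrustedExe and runNoShell are hypothetical names.
#include <spawn.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
#include <sstream>
#include <string>
#include <vector>

extern char **environ;

// Search only absolute directories from a fixed list; "" and "." style entries
// (which make a PATH lookup depend on the current directory) are skipped.
std::string findTrustedExe(const std::string &name, const std::string &dirs)
{
    if (name.empty() || name.find('/') != std::string::npos)
        return "";                       // bare program names only
    std::istringstream in(dirs);
    std::string dir;
    while (std::getline(in, dir, ':')) {
        if (dir.empty() || dir[0] != '/')
            continue;                    // relative or empty entry: not trusted
        const std::string candidate = dir + "/" + name;
        struct stat st;
        if (stat(candidate.c_str(), &st) == 0 && S_ISREG(st.st_mode) &&
            access(candidate.c_str(), X_OK) == 0)
            return candidate;            // first match in list order wins
    }
    return "";
}

// Run exe with an argument vector: no shell parses the file name, so quoting
// of the argument cannot matter. Returns the exit status, or -1 on failure.
int runNoShell(const std::string &exe, const std::vector<std::string> &args)
{
    std::vector<char *> argv;
    argv.push_back(const_cast<char *>(exe.c_str()));
    for (const std::string &a : args)
        argv.push_back(const_cast<char *>(a.c_str()));
    argv.push_back(nullptr);
    pid_t pid;
    if (exe.empty() || posix_spawn(&pid, exe.c_str(), nullptr, nullptr, argv.data(), environ) != 0)
        return -1;                       // posix_spawn (not posix_spawnp): no PATH search
    int status = 0;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

An empty result from findTrustedExe means the program was not found in any trusted directory, and the caller should skip the backup step rather than fall back to a PATH search.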



