comp.lang.ruby

"insecure world writable" fix ?

Sean Harre

7/20/2006 5:33:00 PM

Hello All,

I have come up with a fix/workaround which turns off the "insecure world
writable" warning message.

In my code, I pass a string (exec_str) to exec:

exec_str = "./foo.pl test"
exec(exec_str)

Depending on my PATH, this can point out any number of world-writable
directories on my network.

If I change the above so I'm just adding a CR to the end of exec_str, I
now do not see the warning message any longer:

exec_str = "./foo.pl test\n"
exec(exec_str)

Anyone have an idea why this works?

Thanks,
-Sean

4 Answers

Eric Armstrong

7/20/2006 9:34:00 PM

0

Sean Harre wrote:
> Hello All,
>
> I have come up with a fix/workaround which turns off the "insecure world
> writable" warning message.
>
> In my code, I pass a string (exec_str) to exec:
>
> exec_str = "./foo.pl test"
> exec(exec_str)
>
> Depending on my PATH, this can point out any number of world-writable
> directories on my network.
>
> If I change the above so I'm just adding a CR to the end of exec_str, I
> now do not see the warning message any longer:
>
> exec_str = "./foo.pl test\n"
> exec(exec_str)
>
> Anyone have an idea why this works?
>
*Heck* of a workaround. Thanks. I look forward to
explanations as to why it works.

I've been using this:
exec_str = "eval ''; ..."

The initial eval also stops the insecure writable
message.

There's no way to modify the environment, either.
Accessing ENV.<any> causes the message to appear
before I even try to execute anything in a subshell.

That message is one heck of a mystery, to be sure.



ts

7/21/2006 8:46:00 AM

0

>>>>> "S" == Sean Harre <sharre@transmeta.com> writes:

S> exec_str = "./foo.pl test\n"
S> exec(exec_str)

S> Anyone have an idea why this works?

When Ruby finds some special characters (like \n;[]{} ...) in the string, it
calls the shell (/bin/sh -c) rather than trying to exec the
program directly. In this case it doesn't test the PATH variable.



Guy Decoux




Sean Harre

7/21/2006 4:50:00 PM

0

Ok, I understand the reason this works the way it does - Ruby wants the
shell to handle any special characters that may result in
substitutions/matching, etc. That makes sense. But is there an "official
workaround" for this problem? And if not, can I rest well at night with
my '\n' workaround in my company's stable source tree? It's just a
warning message now, but in the future, I can't really foresee any
problems with putting a CR at the end of exec_str, but...

Thanks,
-Sean


ts wrote:

> >>>>> "S" == Sean Harre <sharre@transmeta.com> writes:
>
> S> exec_str = "./foo.pl test\n"
> S> exec(exec_str)
>
> S> Anyone have an idea why this works?
>
> When Ruby finds some special characters (like \n;[]{} ...) in the string, it
> calls the shell (/bin/sh -c) rather than trying to exec the
> program directly. In this case it doesn't test the PATH variable.
>
> Guy Decoux

ts

7/21/2006 5:05:00 PM

0

>>>>> "S" == Sean Harre <sharre@transmeta.com> writes:

S> substitutions/matching, etc. That makes sense. But is there an "official
S> workaround" for this problem? And if not, can I rest well at night with

Yes, correct the problem (i.e. change the permission for the directory)
:-)

S> my '\n' workaround in my companys stable source tree? It's just a
S> warning message now, but in the future, I can't really forsee any

It's a warning message with $SAFE = 0, but an error with $SAFE >= 1:

svg% ruby -e 'exec("ls")'
-e:1: warning: Insecure world writable dir /home/ts/XXX/., mode 040777
svg%

svg% ruby -e '$SAFE = 1; exec("ls")'
-e:1: warning: Insecure world writable dir /home/ts/XXX/., mode 040777
-e:1:in `exec': Insecure PATH - ls (SecurityError)
from -e:1
svg%


Guy Decoux
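As an added example (my own code, not from the thread or from Ruby itself), a small Ruby model of the two points Guy makes: which characters send a command string through /bin/sh -c so that PATH is never checked, and which PATH entries trip the world-writable check, followed by the fix he recommends (tightening the permission). The metacharacter set is assumed from the thread's partial list plus the usual shell specials, and the directory test is a re-implementation written to match the warning's wording, not Ruby's internal path check.

```ruby
# Added example (my own code, not from the thread). SHELL_META is the set the
# thread lists ("\n;[]{} ...") plus the other common shell specials, and the
# world-writable test follows the warning's wording; neither is Ruby's own code.
require 'tmpdir'

# Characters that make exec/system hand a command string to /bin/sh -c
# instead of splitting it on spaces and exec-ing the program directly.
SHELL_META = /[*?{}\[\]<>()~&|\\$;'`"\n]/

# true when exec(cmd) would run through the shell (so the PATH check is
# skipped), false when Ruby would exec the program directly.
def uses_shell?(cmd)
  !!(cmd =~ SHELL_META)
end

# Directories of a PATH-style string that are world writable and lack the
# sticky bit: the condition behind "Insecure world writable dir ...".
# Missing entries are skipped; an empty entry stands for the current dir.
def insecure_path_dirs(path_string)
  entries = path_string.split(File::PATH_SEPARATOR, -1).map { |d| d.empty? ? '.' : d }
  entries.select do |dir|
    File.directory?(dir) && File.world_writable?(dir) && !File.stat(dir).sticky?
  end
end

# Build a throwaway PATH from a safe, a sticky and a world-writable directory,
# report the insecure entries, apply the fix recommended above (tighten the
# permission) and report again. Returns [before, after] as basenames.
def demo_insecure_path
  Dir.mktmpdir('pathdemo') do |root|
    modes = { 'safe' => 0o755, 'sticky' => 0o1777, 'open' => 0o777 }
    modes.each do |name, mode|
      dir = File.join(root, name)
      Dir.mkdir(dir)
      File.chmod(mode, dir)
    end
    path = modes.keys.map { |n| File.join(root, n) }.join(File::PATH_SEPARATOR)
    before = insecure_path_dirs(path).map { |d| File.basename(d) }
    File.chmod(0o755, File.join(root, 'open'))   # the real fix: chmod, not "\n"
    after = insecure_path_dirs(path).map { |d| File.basename(d) }
    [before, after]
  end
end

if __FILE__ == $0
  p uses_shell?("./foo.pl test")    # false: direct exec, PATH is checked
  p uses_shell?("./foo.pl test\n")  # true: goes via /bin/sh -c, no check
  p demo_insecure_path              # [["open"], []]
end
```

Running insecure_path_dirs(ENV['PATH']) on a real machine lists the directories that would trigger the warning, so they can be fixed with chmod instead of masked with a trailing newline.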