awirth | 5 years ago

See also the sudo bad environment variable list[1], which I recently found a 15-year-old typo in.[2]

[1]: https://github.com/sudo-project/sudo/blob/master/plugins/sud...

[2]: https://www.sudo.ws/repos/sudo/rev/bdf9c9e7f455

cookiengineer|5 years ago

This is such a good example of why security is hard.

I mean, good intentions, should've worked, but a single mistake wasn't discovered among all of the features involved in locking it down as hard as possible.

Security is a fight nobody can win, because it's an N-1 relationship of reassuring your own mistakes vs. finding a single mistake as an opportunity.

hannob|5 years ago

Isn't this more an example of "fail-open design is bad, use fail-close"? Or in other words "make an allowlist, not a blocklist"?

I mean, look at those variables, this seems like a losing battle. PERLLIB, PERL5LIB etc. - what if there's a PERL6LIB at some point or a NEWSCRIPTINGLANGUAGELIB variable?

bottled_poe|5 years ago

Not to take away from your point, but it seems like automated testing should easily detect issues like this one?
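Added example, not part of the thread and not sudo's code: a Python sketch of the blocklist-versus-allowlist point in the comments above, plus the kind of check an automated test could run against a blocklist. The variable lists, the typo `PERL5LLIB`, the sample environment and all function names are constructed for illustration.

```python
# Illustration only; not sudo's implementation. All lists are constructed.

# Blocklist (fail-open): anything NOT listed is passed to the child process.
# "PERL5LLIB" is a constructed typo standing in for a mistyped entry.
BLOCKLIST = {"PERLLIB", "PERL5LLIB", "PERL5OPT", "LD_PRELOAD"}

# Allowlist (fail-closed): anything NOT listed is dropped.
ALLOWLIST = {"PATH", "HOME", "TERM", "LANG"}

# Independent reference of intended names, used only by the self-check.
KNOWN_NAMES = {"PERLLIB", "PERL5LIB", "PERL5OPT", "LD_PRELOAD"}

# Variables that influence where an interpreter loads code from.
DANGEROUS = {"PERLLIB", "PERL5LIB", "PERL6LIB", "NEWSCRIPTINGLANGUAGELIB"}

# Constructed caller environment.
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin",
    "HOME": "/home/alice",
    "TERM": "xterm",
    "PERLLIB": "/constructed/lib",
    "PERL5LIB": "/constructed/lib",
    "PERL6LIB": "/constructed/lib",
    "NEWSCRIPTINGLANGUAGELIB": "/constructed/lib",
}


def filter_blocklist(env, blocked=BLOCKLIST):
    """Keep every variable unless its exact name is on the blocklist."""
    return {k: v for k, v in env.items() if k not in blocked}


def filter_allowlist(env, allowed=ALLOWLIST):
    """Keep a variable only if its exact name is on the allowlist."""
    return {k: v for k, v in env.items() if k in allowed}


def leaked(filtered, dangerous=DANGEROUS):
    """Names of dangerous variables that survived filtering."""
    return sorted(k for k in filtered if k in dangerous)


def unknown_entries(blocklist=BLOCKLIST, reference=KNOWN_NAMES):
    """Blocklist entries that match no name in the reference set."""
    return sorted(blocklist - reference)


if __name__ == "__main__":
    print("blocklist leaks:", leaked(filter_blocklist(SAMPLE_ENV)))
    print("allowlist leaks:", leaked(filter_allowlist(SAMPLE_ENV)))
    print("suspect blocklist entries:", unknown_entries())
```

The self-check only catches a mistyped entry when the reference set is maintained separately from the blocklist; it does nothing for variables that neither list knows about, which the allowlist handles by default.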

fit2rule|5 years ago

The typo almost looks malicious, to be honest.