Bug #4115
openFaceManager doesn't reject attempts to destroy "reserved" faces
Added by Davide Pesavento over 7 years ago. Updated almost 7 years ago.
0%
Updated by Junxiao Shi over 7 years ago
faces/destroy
is a privileged operation. The management authenticator logs a warning if privileges are not properly configured. Therefore, this bug is akin to "rm
does not reject attempts to rm -rf /*
".
Updated by Davide Pesavento over 7 years ago
Junxiao Shi wrote:
faces/destroy
is a privileged operation.
How is that relevant? And even then, I'm sure 99% of the users run with the default permissions, i.e. everything is authorized.
The management authenticator logs a warning if privileges are not properly configured.
...which nobody cares about.
Therefore, this bug is akin to "
rm
does not reject attempts torm -rf /*
".
rm(1)
has a --preserve-root
option, enabled by default.
In any case, I don't agree with the comparison. I'd say this bug is more similar to shutting down all netlink sockets and preventing the creation of new ones, which is much harder to do (I don't think it's even possible on standard kernels), and definitely cannot be done by accident, e.g. by mistyping a command.
Updated by Junxiao Shi over 7 years ago
I'm sure 99% of the users run with the default permissions, i.e. everything is authorized.
Yes, even the routers. Combined with misconfigured WebSockets proxy (#3402-5), I can attack a router easily.
I'd put up a blog post about securing NFD command authentication sometime, but that's out of scope of this issue.
The management authenticator logs a warning if privileges are not properly configured.
...which nobody cares about.
The operator SHOULD care about WARNINGs and ERRORs.
Therefore, this bug is akin to "
rm
does not reject attempts torm -rf /*
".
rm(1)
has a--preserve-root
option, enabled by default.
--preserve-root
only saves you from rm -rf /
. It doesn't save you from rm -rf /*
.
Updated by Davide Pesavento over 7 years ago
Junxiao Shi wrote:
--preserve-root
only saves you fromrm -rf /
. It doesn't save you fromrm -rf /*
.
Of course, because /*
is expanded by the shell into /bin
, /etc
, /usr
, etc... so the rm
command never actually sees /*
in the argument list.
I'm not sure I understand your point here...
Updated by Davide Pesavento almost 7 years ago
- Priority changed from Normal to Low
- Target version deleted (
v0.6)