Skip to content

Fix #850, prevent code execution on node init#1107

Open
cheriimoya wants to merge 1 commit intomininet:masterfrom
cheriimoya:fix/850
Open

Fix #850, prevent code execution on node init#1107
cheriimoya wants to merge 1 commit intomininet:masterfrom
cheriimoya:fix/850

Conversation

@cheriimoya
Copy link
Contributor

Closes #850

@lantz
Copy link
Member

lantz commented Apr 1, 2022

I don't think this fixes the issue, since you could just put a quote in the string.

The way cmd works is it passes strings to the shell which executes them. I don't think it's feasible to sanitize all input strings, though we could (and perhaps should) switch to using pexec.

I also still don't understand the underlying threat model that this is attempting to mitigate.

@cheriimoya
Copy link
Contributor Author

I don't think this fixes the issue, since you could just put a quote in the string.

Yes, you are right, i wasn't thinking this through...

The way cmd works is it passes strings to the shell which executes them. I don't think it's feasible to sanitize all input strings, though we could (and perhaps should) switch to using pexec.

which pexec do you mean specifically?

I also still don't understand the underlying threat model that this is attempting to mitigate.

neither do i, just wanted to close some issues:D

@cheriimoya
Copy link
Contributor Author

ah: this doesn't work with python2, how important is still having python2 support for the project?

@lantz
Copy link
Member

lantz commented Apr 5, 2022

Working with python 2 is important. If we break backward compatibility in a big way that would probably need to be in a 3.x version of mininet.

@lantz
Copy link
Member

lantz commented Apr 5, 2022

I think the right way to fix this for the current version is to use host.pexec - then it doesn't go through the shell.

However, as I noted, I still don't understand the threat model this is attempting to mitigate.

Probably we also want to switch to using netcat as you suggested in #1103.

@cheriimoya
Copy link
Contributor Author

okay then let's postpone this (as i don't think it's that important anyway) for a future release.
should i close it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

security issue in mininet, may cause arbitary code execution

2 participants