Remix.run Logo
sedatk 4 hours ago

Their fix just future-proofs it in case the same bug gets reintroduced.

turbert 3 hours ago | parent | next [-]

A correct implementation would be to just call glibc directly, this seems like a hasty fix to get the patch out the door. The history of vulns from bad shell escaping is as old as bash, whenever possible you probably shouldn't be mixing code and data, especially in a security critical application like this.

raggi 2 hours ago | parent [-]

The fact that there is no portable way to link the relevant functions that works reliably across all distributions of Linux is a failure of POSIX and GNU, and unfortunately is largely the Linux distribution story in a nutshell.

Your answer is mostly correct, except that when you tug on that thread the shelf comes off the wall, the plaster comes with it, and then it cracks the water pipes on the way to the floor.

cyberax 4 hours ago | parent | prev [-]

This is just a dirty fix. It adds weird restrictions and masks issues.

Refactoring external invocations to use safe argument handling is a better way to fix it. Along with tests that exercise weird names.

raggi 2 hours ago | parent | next [-]

http://github.com/tailscale/tailscale/commit/e4144230f410204...

sedatk 3 hours ago | parent | prev [-]

I argue the opposite: there’s no better fix for this. You can write the most elegant fix, whatever it is, and prevent that from happening only on the codebase that’s fixed. That doesn’t mean that the codebase will always be the only authority on authentication.

The username policy fixes this issue for good, regardless of whatever you write in the future, or whatever new mechanism is introduced.

It’s a restriction for sure, but it’s not a nonsense restriction? Who would have a username starting with a hyphen? I didn’t even know it was possible until today.

turbert 3 hours ago | parent [-]

> I argue the opposite: there’s no better fix for this

The better fix would be to not have the username pass through a parser looking for cli flags in the first place.