[GRASS5] Objections to release 5.0.0stable?
Eric G. Miller
egm2 at jps.net
Fri Aug 9 02:50:32 EDT 2002
On Fri, Aug 09, 2002 at 07:00:40AM +0100, Glynn Clements wrote:
>
> Eric G. Miller wrote:
>
> > Don't know of any serious breakage problems... But, I personally would
> > be very cautious about using GRASS in a setting where security concerns
> > are high. I guarantee some tricky hacker could find a way to create a
> > buffer overflow if given a chance...
>
> Well, GRASS doesn't include any setuid programs, it doesn't provide
> any network services, and the /tmp/grass-<user> directory which
> contains the monitor sockets should be mode 700.
>
> However, I wouldn't recommend running any GRASS module on
> untrustworthy data, including accessing a world-writable database
> (GISDBASE) directory on a system which has untrusted users.
>
> As for GRASSlinks or similar: I don't know how much of GRASS this
> uses, or what validation it does on the data which it passes to GRASS.
> But, if it trusts GRASS at all, you may as well be running a public
> "rsh" service.
>
> GRASS isn't secure. Actually, it's the opposite of secure. You
> wouldn't need to bother with a buffer overflow; exploiting one of the
> many unsafe calls to system() would be easier.
Yea, I was mostly thinking of the scenario where GRASS might be run with
elevated priveledges.
> I was under the impression that this is an IrisGL vs OpenGL issue. The
> OpenGL headers are absolutely definitely <GL/gl.h> and <GL/glu.h>.
> But, I think that SG3d is IrisGL.
I had this vague recollection about Windows having <gl/*.h>, but then
maybe that doesn't matter due to the general case insensitive nature
of the platform??
--
Eric G. Miller <egm2 at jps.net>
More information about the grass-dev
mailing list