diff options
author | Sascha Silbe <sascha-pgp@silbe.org> | 2010-07-21 17:30:43 (GMT) |
---|---|---|
committer | Sascha Silbe <sascha-pgp@silbe.org> | 2010-07-21 17:30:43 (GMT) |
commit | 5ab8ddb8ddb8dc6925cb3bb5f52e0a06b7a1c439 (patch) | |
tree | 01e6ca6d9d6eaa54052480200f039c8e50f0166f /docs/pre-forking | |
parent | d4fe57f377d8f78f02a9e5f6d9c201b4e9eb86f4 (diff) |
rearrange source tree to match that of the tarball
Diffstat (limited to 'docs/pre-forking')
-rw-r--r-- | docs/pre-forking | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/docs/pre-forking b/docs/pre-forking new file mode 100644 index 0000000..a47a1c7 --- /dev/null +++ b/docs/pre-forking @@ -0,0 +1,20 @@ + +== Problem: Security risks in preforking. == #??? + +Situation: + + Rainbow implements some pre-fork() module-loading in order to cache the + results of several expensive computations performed by all Python activities. + + Rainbow needs to run as uid-0 while loading this code in order to be able to + call setuid() later. + + Rainbow needs to handle pass some tainted data to this codebase. + +Thoughts: + + * $LANG is one obvious trouble spot but there are probably several others. + + * Scott suggests that there may be a PAM module helpful for cleaning tainted + environment data. + |