diff options
Diffstat (limited to 'docs/pre-forking')
-rw-r--r-- | docs/pre-forking | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/docs/pre-forking b/docs/pre-forking new file mode 100644 index 0000000..a47a1c7 --- /dev/null +++ b/docs/pre-forking @@ -0,0 +1,20 @@ + +== Problem: Security risks in preforking. == #??? + +Situation: + + Rainbow implements some pre-fork() module-loading in order to cache the + results of several expensive computations performed by all Python activities. + + Rainbow needs to run as uid-0 while loading this code in order to be able to + call setuid() later. + + Rainbow needs to handle pass some tainted data to this codebase. + +Thoughts: + + * $LANG is one obvious trouble spot but there are probably several others. + + * Scott suggests that there may be a PAM module helpful for cleaning tainted + environment data. + |