Bug 199538
| Summary: | Insecure operations in the certain safe-level restrictions | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Akira TAGOH <tagoh> | ||||||||
| Component: | ruby | Assignee: | Akira TAGOH <tagoh> | ||||||||
| Status: | CLOSED ERRATA | QA Contact: | Bill Huang <bhuang> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | medium | ||||||||||
| Version: | rawhide | CC: | security-response-team | ||||||||
| Target Milestone: | --- | Keywords: | Security | ||||||||
| Target Release: | --- | ||||||||||
| Hardware: | All | ||||||||||
| OS: | Linux | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2006-07-24 03:17:05 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Bug Depends On: | |||||||||||
| Bug Blocks: | 199539 | ||||||||||
| Attachments: |
|
||||||||||
Created attachment 132732 [details]
testcase1
Created attachment 132733 [details]
testcase2
Created attachment 132734 [details]
testcase3
Forgot to mention one more.
Actual Result:
no exception.
Expected Result:
$ ruby regexp_jvn13947696.rb
regexp_jvn13947696.rb:5:in `initialize': Insecure: can't modify regexp
(SecurityError)
from regexp_jvn13947696.rb:3:in `join'
from regexp_jvn13947696.rb:3
Fixed in: devel - 1.8.4-11.fc6 FC-5 - 1.8.4-8.fc5 FC-4 - 1.8.4-3.fc4 ruby-1.8.4-8.fc5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report. |
Description of problem: Vulnerabilities has been reported in Ruby, which can be proceeded insecure operations that originally wasn't expected in the certain safe-level restrictions. Version-Release number of selected component (if applicable): all versions of Ruby without any exceptions, such as 1.6.x and 1.8.x. How reproducible: always Steps to Reproduce: 1.ruby dir_jvn13947696.rb 2.ruby dir_jvn13947696_2.rb 3. Actual results: no exceptions. Expected results: $ ruby dir_jvn13947696.rb dir_jvn13947696.rb:5:in `read': Insecure: operation on untainted Dir (SecurityError) from dir_jvn13947696.rb:3:in `join' from dir_jvn13947696.rb:3 $ ruby dir_jvn13947696_2.rb dir_jvn13947696_2.rb:5:in `close': Insecure: can't close (SecurityError) from dir_jvn13947696_2.rb:3:in `join' from dir_jvn13947696_2.rb:3 Additional info: This affects to FC4 and FC5 as well.