Bug 684358 - vpnc-helper discards command-line arguments
Summary: vpnc-helper discards command-line arguments
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: vpnc
Version: el5
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Huzaifa S. Sidhpurwala
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2011-03-11 22:16 UTC by Ben Liblit
Modified: 2011-03-14 17:04 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-03-14 07:21:23 UTC
Type: ---



Description Ben Liblit 2011-03-11 22:16:19 UTC
Description of problem:

When a non-root user runs "/usr/bin/vpnc", any command-line arguments are discarded instead of being passed to the real "/usr/sbin/vpnc".  That makes it impossible to use anything other than default or interactively-prompted values for various configuration options.

Version-Release number of selected component (if applicable):

vpnc-consoleuser-0.5.3-8.el5

How reproducible:

100% reproducible.

Steps to Reproduce:
1. As non-root, run "/usr/bin/vpnc --help".
2. As non-root, run "/usr/sbin/vpnc --help".
3. Compare the output of the above two commands.
  
Actual results:

The first command prompts the user to "Enter IPSec gateway address:".  This reveals that the "--help" flag has been discarded.

Expected results:

Both commands given above should have printed help information.

Additional info:

The fix is to add "$@" at the end of the second line of "/usr/sbin/vpnc-helper".  The quotes should be included in that change.  Thus, the entire script should read:

    #!/bin/sh
    /usr/sbin/vpnc "$@"

Comment 1 Tomas Mraz 2011-03-14 07:21:23 UTC
That's completely intentional as allowing parameters to be passed would be vulnerable to security attack.

The helper is just for convenience and the configuration is supposed to be managed by root.

Comment 2 Ben Liblit 2011-03-14 15:06:48 UTC
Suppose root does manage the configuration, presumably by creating one or more connection configuration files in /etc/vpnc.  How is the user supposed to take advantage of these?  If root has created "/etc/vpnc/foo.conf", the user should at least be able to run "vpnc foo" to connect to this root-managed VPN.  That does not currently work.

My mental model is "admin creates connection configs; user activates these by name".  That's definitely not supported by the current helper script.  So I just don't understand what the intended usage scenario is here.  Any clarification would be much appreciated, as clearly I'm thinking about this in the wrong way.

Comment 3 Tomas Mraz 2011-03-14 15:22:56 UTC
The usage scenario is unfortunately only the simplest one for one VPN configuration allowed. Of course adding some way to allow a choice from multiple configurations would be a nice feature - patches welcome. Of course still the implementation must avoid the possibility to pass arbitrary arguments by the user to the vpnc.

Comment 4 Ben Liblit 2011-03-14 17:04:06 UTC
OK, one configuration.  Got it.  Thank you for helping me understand!
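
One way to meet the constraint discussed in Comments 2 and 3 (the user activates a root-managed configuration by name, but cannot pass arbitrary arguments to vpnc), shown as an added example that is not the package's script or a patch from this bug. The `resolve_profile` and `main` functions, the `CONF_DIR` variable and the exit codes are hypothetical, and the script assumes vpnc accepts a configuration file path as its only argument.

```shell
#!/bin/sh
# Added example (not the package's script): a hypothetical vpnc-helper that
# takes exactly one profile name and never forwards user-supplied options.

CONF_DIR="${CONF_DIR:-/etc/vpnc}"   # root-managed profiles; overridable for testing

# resolve_profile NAME -> prints the profile path, or returns non-zero.
resolve_profile() {
    [ "$#" -eq 1 ] || return 2              # one argument only, no extra options
    name=$1
    case $name in
        ''|-*|.*)          return 3 ;;      # empty, option-like (--help), dot-leading
        *[!A-Za-z0-9_.-]*) return 3 ;;      # allow-list; rejects '/', spaces, globs
    esac
    conf="$CONF_DIR/$name.conf"
    # Must be an existing regular file and not a symlink.
    [ -f "$conf" ] && [ ! -L "$conf" ] || return 4
    printf '%s\n' "$conf"
}

main() {
    conf=$(resolve_profile "$@") || {
        echo "usage: vpnc PROFILE   (PROFILE names a file $CONF_DIR/PROFILE.conf)" >&2
        return 64
    }
    # The only thing vpnc receives is an absolute path built by this script
    # (assumption: vpnc treats a non-option argument as a config file).
    exec /usr/sbin/vpnc "$conf"
}

# Run only when installed under the helper's name, so the functions can be
# sourced and exercised without starting vpnc.
case ${0##*/} in
    vpnc-helper) main "$@" ;;
esac
```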

