On 09/26/2014 09:12 PM, Nico Kadel-Garcia wrote:
> On Fri, Sep 26, 2014 at 9:34 AM, Karanbir Singh <mail-lists at karan.org> wrote:
>> On 09/25/2014 08:41 PM, Nico Kadel-Garcia wrote:
>>
>>> Thinking about it, the git CentOS repository could possibly be
>>> vulnerable, depending on just how the git credentials are managed
>>> there. I'd urge a check.
>>
>> no shell out happens at git.centos.org
>>
>> gitweb however, is exposed. As is anything that does a system() call.
>
> Cool. I'm curious how you do it, but would understand not wanting to
> discuss that kind of security detail on a public mailing list.
>
> Thinking further about it, if the web side uses something like
> Apache's 'mod_cgi', there are some separate risks there as well. I'd
> hope there's no inappropriate write access for the 'httpd' user, even
> if you're vulnerable. (I mention that for folks not as familiar with
> escalation attacks.)

http://i.imgur.com/1NCi07n.jpg

-- 
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77