"disallow sticky world writable directory in PATH": Why?

Discussion in 'Ruby' started by Erik Veenstra, Dec 4, 2005.

  1. Found in ChangeLog-1.8.3:

    Wed Sep 21 02:44:09 2005 Yukihiro Matsumoto <>
    file.c (path_check_0): disallow sticky world writable directory in PATH (and $LOAD_PATH). [ruby-dev:27226]

    Why is this changed in Ruby 1.8.3?

    And how can I work around this check? It's annoying...

    I added a simple test below.

    Thanks.

    greetings,
    Erik V. - http://www.erikveen.dds.nl/

    ----------------------------------------------------------------

    $ cat /tmp/test/test1.rb
    ENV

    $ cat /tmp/test/test2.rb
    ENV["PATH"]

    ----------------------------------------------------------------

    $ useruby182
    ruby 1.8.2 (2004-12-24) [i686-linux]

    $ PATH=$PATH:/tmp/test ruby /tmp/test/test1.rb

    $ PATH=$PATH:/tmp/test ruby /tmp/test/test2.rb

    ----------------------------------------------------------------

    $ useruby183
    ruby 1.8.3 (2005-09-21) [i686-linux]

    $ PATH=$PATH:/tmp/test ruby /tmp/test/test1.rb

    $ PATH=$PATH:/tmp/test ruby /tmp/test/test2.rb
    /tmp/test/test2.rb:1: warning: Insecure world writable dir /tmp, mode 041777

    ----------------------------------------------------------------
    Erik Veenstra, Dec 4, 2005
    #1
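For readers who want to see what the new warning is keyed on, here is an added example (editor's code, not from the thread and not Ruby's own file.c): a Ruby model of the walk that path_check_0 does over each PATH/$LOAD_PATH entry and its parent directories. The two rules are assumptions inferred from the ChangeLog line and the test output above (1.8.2 silent on a sticky /tmp, 1.8.3 warning on it): before 1.8.3 a world-writable directory was tolerated if it carried the sticky bit; from 1.8.3 the sticky bit no longer exempts it. The function names and the stop_at parameter are the example's own.

```ruby
# Added example (editor's code, not from the thread or from Ruby's file.c):
# a model of the parent-directory walk that path_check_0 does for each
# PATH / $LOAD_PATH entry. The two rules are assumptions inferred from the
# ChangeLog line and the thread's test output.

WORLD_WRITABLE = 0o002   # S_IWOTH
STICKY_BIT     = 0o1000  # S_ISVTX

# The directory and each of its parents, deepest first, stopping at stop_at:
# ancestors("/tmp/test") => ["/tmp/test", "/tmp", "/"]
def ancestors(dir, stop_at = "/")
  list = []
  d = File.expand_path(dir)
  top = File.expand_path(stop_at)
  loop do
    list << d
    parent = File.dirname(d)
    break if d == top || parent == d
    d = parent
  end
  list
end

# Scan a PATH-like string and return [entry, offending_dir, st_mode] triples
# for every directory the chosen rule considers insecure.
#   :pre_183  - world-writable is tolerated when the sticky bit is set
#               (the thread's 1.8.2 run prints nothing for sticky /tmp)
#   :from_183 - world-writable is reported regardless of the sticky bit
#               (the 1.8.3 run warns "Insecure world writable dir /tmp")
# stop_at bounds the walk so the example can be run inside a scratch tree.
def insecure_path_entries(path, rule: :from_183, stop_at: "/")
  findings = []
  path.split(File::PATH_SEPARATOR).each do |entry|
    next if entry.empty?
    ancestors(entry, stop_at).each do |dir|
      next unless File.directory?(dir)
      mode = File.stat(dir).mode
      world_writable = (mode & WORLD_WRITABLE) != 0
      sticky = (mode & STICKY_BIT) != 0
      next unless world_writable
      next if rule == :pre_183 && sticky
      findings << [entry, dir, mode]
    end
  end
  findings
end

# Same wording as the interpreter's warning; st_mode is printed in full octal,
# which is why a sticky 1777 directory shows up as 041777.
def format_warning(dir, mode)
  "Insecure world writable dir #{dir}, mode 0#{mode.to_s(8)}"
end

if __FILE__ == $0
  insecure_path_entries(ENV["PATH"].to_s).each do |_entry, dir, mode|
    warn format_warning(dir, mode)
  end
end
```

Why the sticky bit used to count as a mitigation: it only stops users from removing or renaming entries they do not own. It does nothing to stop anyone from creating a new file or directory under /tmp, so a name that PATH lookup or require would resolve, and that does not exist yet, can be supplied by any local user. Running the script on a Linux box with /tmp/test in PATH reproduces the thread's "/tmp, mode 041777" finding under the :from_183 rule.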

  2. Ara T. Howard

    On Mon, 5 Dec 2005, Erik Veenstra wrote:

    > Found in ChangeLog-1.8.3:
    >
    > Wed Sep 21 02:44:09 2005 Yukihiro Matsumoto <>
    > file.c (path_check_0): disallow sticky world writable directory in PATH (and $LOAD_PATH). [ruby-dev:27226]
    >
    > Why is this changed in Ruby 1.8.3?
    >
    > And how can I work around this check? It's annoying...


    $VERBOSE = nil

    There are a few other annoying warnings, and some good ones, that this shuts
    up. In my opinion the system-level and language-level warnings should be
    controlled differently for this reason. I work in a collaborative laboratory,
    so you can imagine we have thousands of group-writable directories. I can
    have every single one of my shared programs spew warnings when run (hardly
    confidence inspiring), so I simply must turn $VERBOSE off ;-(


    -a
    --
    ===============================================================================
    | ara [dot] t [dot] howard [at] noaa [dot] gov
    | all happiness comes from the desire for others to be happy. all misery
    | comes from the desire for oneself to be happy.
    | -- bodhicaryavatara
    ===============================================================================
    Ara T. Howard, Dec 4, 2005
    #2

  3. > > Found in ChangeLog-1.8.3:
    > >
    > > Wed Sep 21 02:44:09 2005 Yukihiro Matsumoto <>
    > > file.c (path_check_0): disallow sticky world writable directory in PATH (and $LOAD_PATH). [ruby-dev:27226]
    > >
    > > Why is this changed in Ruby 1.8.3?
    > >
    > > And how can I work around this check? It's annoying...

    >
    > $VERBOSE = nil


    I noticed that the check on ENV["PATH"] is done only once (see
    test3). That means that we can turn the verbose message off, use
    ENV["PATH"] as a dummy statement and turn the verbose message back
    on (see test4). All other references to ENV["PATH"] are
    unchecked. All other messages are still displayed.

    Thanks.

    greetings,
    Erik V. - http://www.erikveen.dds.nl/

    ----------------------------------------------------------------

    $ ruby -v
    ruby 1.8.3 (2005-09-21) [i686-linux]

    $ cat /tmp/test/test3.rb
    ENV["PATH"]
    ENV["PATH"]

    $ PATH=$PATH:/tmp/test ruby /tmp/test/test3.rb
    /tmp/test/test3.rb:1: warning: Insecure world writable dir /tmp, mode 041777

    ----------------------------------------------------------------

    $ cat /tmp/test/test4.rb
    $VERBOSE=nil
    ENV["PATH"]
    $VERBOSE=true
    ENV["PATH"]

    $ PATH=$PATH:/tmp/test ruby /tmp/test/test4.rb

    ----------------------------------------------------------------
    Erik Veenstra, Dec 4, 2005
    #3
  4. Zed A. Shaw

    I didn't write it or have anything to do with it, but it's done because
    *anybody* can inject Ruby code into your program. I really can't think
    of a valid reason why you'd put a library file into such a directory
    and include that directory in your PATH.

    Looking at your examples below you've basically opened the
    gates of hell by putting /tmp in your PATH. Simply don't do this.

    I mean seriously, you can't be bothered to create a new directory for
    your stuff that only you own? And, if the file needs to be shared, why
    aren't you installing it properly in the ruby library standard way?
    If it is a situation where you don't have control of the system
    and need to install for a group of people, then I suggest you find the
    sysadmin and beat him until he agrees to install your stuff. Tell him
    to set up sudo such that you can at least run gem and your problems are
    solved.

    Finally, if you absolutely *must* share a PATH directory with other
    people then at least be smart: get a group created and set the
    directory writable *only* by this group, not the whole world.

    Anyway, the way you're doing things is going to cause you major
    problems.

    Zed A. Shaw
    http://www.zedshaw.com/


    On Mon, 5 Dec 2005 00:47:32 +0900
    Erik Veenstra <> wrote:

    > Found in ChangeLog-1.8.3:
    >
    > Wed Sep 21 02:44:09 2005 Yukihiro Matsumoto <>
    > file.c (path_check_0): disallow sticky world writable directory in
    > PATH (and $LOAD_PATH). [ruby-dev:27226]
    >
    > Why is this changed in Ruby 1.8.3?
    >
    > And how can I work around this check? It's annoying...
    >
    > I added a simple test below.
    >
    > Thanks.
    >
    > greetings,
    > Erik V. - http://www.erikveen.dds.nl/
    >
    > ----------------------------------------------------------------
    >
    > $ cat /tmp/test/test1.rb
    > ENV
    >
    > $ cat /tmp/test/test2.rb
    > ENV["PATH"]
    >
    > ----------------------------------------------------------------
    >
    > $ useruby182
    > ruby 1.8.2 (2004-12-24) [i686-linux]
    >
    > $ PATH=$PATH:/tmp/test ruby /tmp/test/test1.rb
    >
    > $ PATH=$PATH:/tmp/test ruby /tmp/test/test2.rb
    >
    > ----------------------------------------------------------------
    >
    > $ useruby183
    > ruby 1.8.3 (2005-09-21) [i686-linux]
    >
    > $ PATH=$PATH:/tmp/test ruby /tmp/test/test1.rb
    >
    > $ PATH=$PATH:/tmp/test ruby /tmp/test/test2.rb
    > /tmp/test/test2.rb:1: warning: Insecure world writable dir /tmp,
    > mode 041777
    >
    > ----------------------------------------------------------------
    >
    >
    Zed A. Shaw, Dec 4, 2005
    #4
  5. > I didn't write it or have anything to do with it, but it's
    > done because *anybody* can inject Ruby code into your
    > program.


    If /tmp is a sticky directory (it is) and /tmp/$APP.$$.tmp is
    owned by me (it is) and I'm the only person able to add or
    alter files in it (I am), how can somebody else, let alone
    *anybody*, inject Ruby code in my application?

    I logged on as a different user and tried to corrupt, move,
    delete and alter the temporary tree of a running application. I
    couldn't.

    > I really can't think of a valid reason why you'd put a
    > library file into such a directory and include that directory
    > in your PATH.


    But I can... If you create temporary files in your application,
    you can use /tmp. Well, you *should* use /tmp. It's invented
    for exactly that. Even when it is a temporary library file or
    an embedded application which is extracted to /tmp/$APP.$$.tmp.

    > Looking at your examples below you've basically opened the
    > gates of hell by putting /tmp in your PATH. Simply don't do
    > this.


    Did I say that I added /tmp in my path? I didn't add /tmp in my
    path. Though I did add /tmp/$APP.$$.tmp/bin to my path. But
    that directory is owned by me and /tmp is very sticky. What's
    the problem?

    (I skipped the rest of your message, which was based on
    assumptions...)

    > Anyway, the way you're doing things is going to cause you
    > major problems.


    If so, please explain.

    Thanks.

    greetings,
    Erik V. - http://www.erikveen.dds.nl/
    Erik Veenstra, Dec 4, 2005
    #5
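The layout Erik describes relies on the application itself being the one that creates /tmp/$APP.$$.tmp. The sticky bit only prevents other users from deleting or renaming entries they do not own; it does not stop another local user from creating a directory of that name first, and a name built from the process id is predictable. The added example below is editor's code, not from the thread: it creates the per-process directory with an atomic mkdir that fails rather than adopting a pre-existing one, checks owner and permissions without following symlinks, and only then puts its bin/ into PATH. The function names are the example's own.

```ruby
# Added example (editor's code, not from the thread): creating a per-process
# directory under a sticky /tmp so that it really is private before its bin/
# goes into PATH. Function names are the example's own.
require 'tmpdir'

# Atomic mkdir(2): if another local user already created a directory of this
# name (the sticky bit does not stop them creating new entries), this raises
# Errno::EEXIST instead of silently adopting their directory.
def create_private_dir(path)
  Dir.mkdir(path, 0o700)
  File.chmod(0o700, path)   # not subject to umask, unlike the mkdir mode
  path
end

# Owned by us, a real directory (lstat, so a symlink planted at that name
# does not pass), and not writable by group or others.
def private_dir?(path)
  st = File.lstat(path)
  st.directory? && st.uid == Process.euid && (st.mode & 0o022).zero?
rescue Errno::ENOENT
  false
end

# The PATH the application should run with: its private bin/ first, then the
# inherited PATH. Refuses if either directory fails the ownership check.
def app_path(private_dir, inherited = ENV["PATH"].to_s)
  bin = File.join(private_dir, "bin")
  unless private_dir?(private_dir) && private_dir?(bin)
    raise "refusing to put #{bin} in PATH: not a private directory"
  end
  [bin, inherited].join(File::PATH_SEPARATOR)
end

if __FILE__ == $0
  # Dir.mktmpdir gives a random, unpredictable name instead of $$; the same
  # mkdir-or-fail logic applies to a fixed name such as /tmp/app.#{$$}.tmp.
  Dir.mktmpdir("app-") do |private_dir|   # created with mode 0700
    create_private_dir(File.join(private_dir, "bin"))
    puts app_path(private_dir)
  end
end
```

Dir.mktmpdir is the standard-library way to get an unpredictable name; with a fixed name such as /tmp/$APP.$$.tmp the important part is that Dir.mkdir raises on EEXIST and the application stops, instead of running whatever someone else left at that path.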
  6. Hi,

    In message "Re: "disallow sticky world writable directory in PATH": Why?"
    on Mon, 5 Dec 2005 00:47:32 +0900, Erik Veenstra <> writes:

    | Wed Sep 21 02:44:09 2005 Yukihiro Matsumoto <>
    | file.c (path_check_0): disallow sticky world writable directory in PATH (and $LOAD_PATH). [ruby-dev:27226]
    |
    |Why is this changed in Ruby 1.8.3?
    |And how can I work around this check? It's annoying...

    The warning condition may be too loose. Let me reconsider, although it's
    a bit too late for 1.8.4, which is scheduled for Christmas.

    matz.
    Yukihiro Matsumoto, Dec 5, 2005
    #6
