mirror of
https://github.com/moparisthebest/wget
synced 2024-07-03 16:38:41 -04:00
[svn] wget.texi: Mentioned that .listing symlinked to /etc/passwd is not a security
hole, but that other files could be, so root shouldn't run wget in user dirs.
parent
d599a2d2cf
commit
9e94eb26ef
@ -3,7 +3,9 @@
|
||||
* wget.texi: Corrections, clarifications, and English fixes to
|
||||
time-stamping documentation. Also moved -nr from "Recursive
|
||||
Retrieval Options" to "FTP Options" and gave it a @cindex entry.
|
||||
Alphabetized FTP options by long option name.
|
||||
Alphabetized FTP options by long option name. Mentioned that
|
||||
.listing symlinked to /etc/passwd is not a security hole, but that
|
||||
other files could be, so root shouldn't run wget in user dirs.
|
||||
|
||||
2001-02-22 Dan Harkless <wget@harkless.org>
|
||||
|
||||
|
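Review bot: the added ChangeLog sentence "Mentioned that .listing symlinked to /etc/passwd is not a security hole" does not say where in wget.texi the note was placed. Name the item it was added to (--dont-remove-listing) so the entry can be matched to the documentation change. The entry also omits that the existing sentence on why keeping .listing files is useful was reworded in the same change.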
@ -919,9 +919,26 @@ discouraged, unless you really know what you are doing.
|
||||
@itemx --dont-remove-listing
|
||||
Don't remove the temporary @file{.listing} files generated by @sc{ftp}
|
||||
retrievals. Normally, these files contain the raw directory listings
|
||||
received from @sc{ftp} servers. Not removing them can be useful to
|
||||
access the full remote file list when running a mirror, or for debugging
|
||||
purposes.
|
||||
received from @sc{ftp} servers. Not removing them can be useful for
|
||||
debugging purposes, or when you want to be able to easily check on the
|
||||
contents of remote server directories (e.g. to verify that a mirror
|
||||
you're running is complete).
|
||||
|
||||
Note that even though Wget writes to a known filename for this file,
|
||||
this is not a security hole in the scenario of a user making
|
||||
@file{.listing} a symbolic link to @file{/etc/passwd} or something and
|
||||
asking @code{root} to run Wget in his or her directory. Depending on
|
||||
the options used, either Wget will refuse to write to @file{.listing},
|
||||
making the globbing/recursion/time-stamping operation fail, or the
|
||||
symbolic link will be deleted and replaced with the actual
|
||||
@file{.listing} file, or the listing will be written to a
|
||||
@file{.listing.@var{number}} file.
|
||||
|
||||
Even though this situation isn't a problem, though, @code{root} should
|
||||
never run Wget in a non-trusted user's directory. A user could do
|
||||
something as simple as linking @file{index.html} to @file{/etc/passwd}
|
||||
and asking @code{root} to run Wget with @samp{-N} or @samp{-r} so the file
|
||||
will be overwritten.
|
||||
|
||||
@cindex globbing, toggle
|
||||
@item -g on/off
|
||||
|
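Review bot: in the new paragraph under --dont-remove-listing, "Depending on the options used" lists three outcomes (Wget refuses to write, the symbolic link is deleted and replaced, or the listing goes to a .listing.number file) without saying which options produce which. A reader cannot check the "not a security hole" claim for their own invocation, so name the option for each case. The warning that root should never run Wget in a non-trusted user's directory applies to any run with -N or -r, yet it sits under an FTP listing option where those users are unlikely to look; consider moving it to a general node or cross-referencing it from the -N and -r items. Style: "Even though this situation isn't a problem, though," repeats "though", and "/etc/passwd or something" would read better as "a sensitive file such as /etc/passwd".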