public inbox for nncp-devel@lists.stargrave.org
From: "Jonathan Lane" <jon@borg•moe>
To: "Eugene Medvedev" <rn3aoh.g@gmail•com>,
	<nncp-devel@lists.cypherpunks.su>
Subject: Re: NNCP path traversal attack.
Date: Thu, 18 Sep 2025 23:28:59 -0700
Message-ID: <DCWKC3GNCPIO.2UVUYPU6RGLOF@borg.moe>
In-Reply-To: <CAO-d-4p-xZjB=zAri=y-H-KPziVYGwnC70zKQ8vsEHzJTvDGsg@mail.gmail.com>

On Thu Sep 18, 2025 at 9:46 PM PDT, Eugene Medvedev wrote:
> The included patch is my take on dealing with this by limiting path
> traversal to below the configured full path. It does nothing about,
> e.g., symlinks, and I'm not sure anything should be done about those.

The usual protection against symlink traversal is running services in a
chroot jail, Docker, or some other imposed filesystem boundary.  I'm not
sure there's a good source-level fix for this that runs everywhere NNCP
does.

-- 
Jonathan Lane
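
The distinction discussed in this message, as an added Go example that is not part of the thread, the patch, or NNCP's code: a purely lexical "stay below the configured path" check rejects `../` but accepts a symlink that leaves the directory, while resolving symlinks first catches it. All function names and the temporary directory layout are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// within reports whether target is base or lies below it, judged by text alone.
func within(base, target string) bool {
	rel, err := filepath.Rel(base, target)
	return err == nil && filepath.IsLocal(rel)
}

// lexicalInside cleans base+requested and compares paths; symlinks are ignored.
func lexicalInside(base, requested string) bool {
	return within(filepath.Clean(base), filepath.Join(base, requested))
}

// resolvedInside resolves symlinks first; the answer can go stale before open.
func resolvedInside(base, requested string) bool {
	realBase, err1 := filepath.EvalSymlinks(base)
	realTarget, err2 := filepath.EvalSymlinks(filepath.Join(base, requested))
	return err1 == nil && err2 == nil && within(realBase, realTarget)
}

// buildTree makes a constructed layout: root/ok.txt, outside/, root/link -> outside.
func buildTree() (string, func(), error) {
	tmp, err := os.MkdirTemp("", "traversal-demo")
	if err != nil {
		return "", nil, err
	}
	root, outside := filepath.Join(tmp, "root"), filepath.Join(tmp, "outside")
	err = errors.Join(os.Mkdir(root, 0o700), os.Mkdir(outside, 0o700),
		os.WriteFile(filepath.Join(root, "ok.txt"), nil, 0o600),
		os.Symlink(outside, filepath.Join(root, "link")))
	return root, func() { os.RemoveAll(tmp) }, err
}

func main() {
	root, cleanup, err := buildTree()
	if err != nil {
		panic(err)
	}
	defer cleanup()
	for _, p := range []string{"ok.txt", "../outside", "link"} {
		fmt.Println(p, lexicalInside(root, p), resolvedInside(root, p))
	}
}
```

The resolved check still leaves a window between the check and the open, which is why an imposed filesystem boundary such as a chroot is the usual answer.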


