[mythtv-commits] Ticket #10680: MythSystem doesn't split command line strings internally

MythTV noreply at mythtv.org
Wed May 2 15:14:43 UTC 2012 

#10680: MythSystem doesn't split command line strings internally
---------------------------------+-----------------------------
 Reporter:  github@…             |          Owner:  wagnerrp
     Type:  Developer Task       |         Status:  accepted
 Priority:  minor                |      Milestone:  unknown
Component:  MythTV - MythSystem  |        Version:  Master Head
 Severity:  medium               |     Resolution:
 Keywords:                       |  Ticket locked:  0
---------------------------------+-----------------------------

Comment (by wagnerrp):

 Yes.  The rewritten ticket description completely covers your problem.
 The problem you suggest is one of lack of shell escaping, allowing bad
 characters to be passed to the shell.  If you remove the shell, you remove
 the problem.  Not mentioned was a PATH scanner to find relative
 applications, but such would only take a few minutes to write.  Also not
 mentioned is the need to enable and test shell-less operation on all those
 places that use external calls, but that was assumed to be implicitly
 understood.

 To your comment about security issues, MythTV is currently rife with them,
 and the possibility of someone inserting a USB stick with an image file
 designed to induce a filename injection attack is the least of your
 concerns.  Anyone with network access to either the protocol or web
 servers has full control over the machine.  MythTV is designed for home
 use, where it sits on a private network and shouldn't have to fear its
 users.  While it would be nice to close up these holes, that desire is
 tempered by the desire to make MythTV easier to configure and maintain for
 potential less technically minded users.  You can only go so far in
 improving one before you begin to hurt the other.

 Based off your sudden persistence on this issue that has been around since
 before I even started using MythTV, my best guess is that you're trying to
 use MythTV to run some form of public kiosk that you don't want
 compromised.  You need to be aware that there are be tons of other holes
 that will need plugging as well.

-- 
Ticket URL: <http://code.mythtv.org/trac/ticket/10680#comment:3>
MythTV <http://code.mythtv.org/trac>
MythTV Media Center

More information about the mythtv-commits mailing list