[comp.unix.xenix] Editor Security Hole?

piziali@convex.com (Andy Piziali) (03/14/90)

In article <90@tygra.UUCP> cat@tygra.UUCP (John Palmer) writes:
   
   I'm running a computer conferencing system here and am in need of
   a version of vi for which the source is available. The problem with
   VI as it stands now is that it allows:

       1. shell escapes
       2. the ability to read in text from another file
       3. the ability to write text to a file other than the file with
          which vi was invoked.
       4. the ability to completely switch files.

   This is a grave security loophole that I want to eliminate, but I must have
   the source code. If there are other editors that are similar to vi, or
   even a little more user-friendly, and if the sources are available for
   them, then maybe I'll switch.

John, I would suggest restricting the environment in which vi is run, not
modifying vi itself.  The shell escapes, file inclusion, file writing, and file
switching are useful and harmless if the environment in which the vi process is
created is restricted.  Consider the process' real and effective user and group
ids, process environment (char **envp), scheduling priority, current working
directory, root directory (chroot), file creation mask, controlling terminal,
and process group when tailoring its environment.
--
		piziali@convex.com	(Andrew J. Piziali)
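
The restrictions listed in the reply above, as an added example that is not part of the original thread: a C launcher that sets root directory, working directory, ids, umask, priority and environment before exec'ing an unmodified vi. The jail path, the uid/gid, the in-jail paths `/bin/vi` and `/work`, and the function names are all assumptions; the controlling terminal and process group are left inherited so the editor stays interactive.

```c
/* Added example: restricted launcher for vi. Paths, ids and names are assumptions. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <unistd.h>

#define JAIL_DIR "/conf/jail"   /* hypothetical chroot tree holding bin/vi and work/ */
#define JAIL_UID 6001           /* hypothetical unprivileged uid */
#define JAIL_GID 6001           /* hypothetical unprivileged gid */

/* Build a fixed envp; only TERM is inherited, and only if it looks sane. */
int build_env(char **envp, int cap, char *termbuf, size_t termlen, const char *term)
{
    int n = 0;
    if (cap < 5) return -1;
    if (!term || !*term || strlen(term) > 32 || strpbrk(term, "/= \t\n"))
        term = "dumb";
    snprintf(termbuf, termlen, "TERM=%s", term);
    envp[n++] = "PATH=/bin";
    envp[n++] = "SHELL=/bin/false";   /* vi takes its shell option from SHELL */
    envp[n++] = "HOME=/work";
    envp[n++] = termbuf;
    envp[n] = NULL;
    return n;
}

/* Must start as root: chroot and the id changes fail otherwise. */
int run_restricted_vi(const char *file)
{
    char termbuf[48], *envp[5];
    char *argv[] = { "vi", (char *)file, NULL };
    gid_t gid = JAIL_GID;

    if (build_env(envp, 5, termbuf, sizeof termbuf, getenv("TERM")) < 0) return -1;
    if (chdir(JAIL_DIR) || chroot(".") || chdir("/work")) return -1;
    if (setgroups(1, &gid) || setgid(JAIL_GID) || setuid(JAIL_UID)) return -1;
    if (setuid(0) == 0) return -1;    /* root must not be recoverable */
    umask(077);                       /* new files readable by the jail user only */
    setpriority(PRIO_PROCESS, 0, 10); /* lower scheduling priority */
    execve("/bin/vi", argv, envp);    /* path is resolved inside the jail */
    return -1;                        /* reached only if exec failed */
}
```

The order matters: the chroot happens while still root, and the group ids are dropped before the user id, since setgid would fail once root is gone.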