| To: | "Frank Ch. Eigler" <fche@xxxxxxxxxx> |
|---|---|
| Subject: | Re: pmwebd security (was Re: [RFC] dynamic container switching) |
| From: | Nathan Scott <nathans@xxxxxxxxxx> |
| Date: | Sun, 8 Nov 2015 22:16:30 -0500 (EST) |
| Cc: | PCP <pcp@xxxxxxxxxxx> |
| Delivered-to: | pcp@xxxxxxxxxxx |
| In-reply-to: | <20151106202554.GE2349@xxxxxxxxxx> |
| References: | <1313883527.54143616.1444783810135.JavaMail.zimbra@xxxxxxxxxx> <20151016223319.GH27211@xxxxxxxxxx> <1384643676.62705033.1445899239483.JavaMail.zimbra@xxxxxxxxxx> <20151027155234.GB9303@xxxxxxxxxx> <1185678657.63582036.1446001295613.JavaMail.zimbra@xxxxxxxxxx> <20151031022337.GC28852@xxxxxxxxxx> <1634759327.3957536.1446687727569.JavaMail.zimbra@xxxxxxxxxx> <20151106202554.GE2349@xxxxxxxxxx> |
| Reply-to: | Nathan Scott <nathans@xxxxxxxxxx> |
| Thread-index: | +BHrLahJy5BI6zCaiUn8OMhQHg6w4Q== |
| Thread-topic: | pmwebd security (was Re: [RFC] dynamic container switching) |
----- Original Message -----
> > [...] So, to be clear, it sounds like you are confirming pmwebd has
> > indeed re-opened the information exposure issue from CVE-2012-3419
> > [...]
>
> What? No. That CVE was about [...]

This is the summary, from the CVE: "Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments".

(so, esp. proc.psinfo.maps, but also all proc.* instance names - not specifically about pmcd, but it's more generally about exporting that sensitive information to anyone not permitted to access it).

This is the third or fourth time I've explained the above though - so don't worry about it, I'll make the needed pmwebd changes this week.

> pmwebd, like pmproxy, lacks detailed outgoing ACL facilities - see

Again, pmproxy does not create (automatically authenticated) unix: or local-context connections on behalf of remote clients, so it is not exposed to this problem.

> > > When a 1-line bash script can DoS pmcd [...]
> >
> > What??? Could you please supply that script? - thanks.
>
> [...]

You've forgotten to supply the "1-line bash script" ...? thanks.

-- Nathan