gaschz/ansible-qubes
1
0
Fork 0
mirror of https://github.com/Rudd-O/ansible-qubes.git synced 2025-03-01 14:22:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

add security note to bombshell-client

Browse Source
This commit is contained in:
Manuel Amador (Rudd-O) 2016-02-10 02:37:33 +00:00
parent 9ac4641df6
commit 0adf5c56a1
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bin/bombshell-client
View File

@ -1,6 +1,15 @@
#!/usr/bin/python -u #!/usr/bin/python -u
import cPickle import cPickle
# Security note:
#
# If you look at cPickle usage in bombshell, it's only used to package up
# the command line at the initiator side, and then it is unpacked at the
# receiver side. Given that the initiator has already been given all
# permissions to run arbitrary programs on the receiver, there is no
# additional security risk posed by the use of cPickle.
#
# End security note.
import contextlib import contextlib
import fcntl import fcntl
import os import os