ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran" <stev...@iseran.com>
Subject Re: Ant Security
Date Tue, 09 Jul 2002 16:04:57 GMT

----- Original Message -----
From: <conor@cortexebusiness.com.au>
To: "Ant Developers List" <ant-dev@jakarta.apache.org>
Sent: Tuesday, July 09, 2002 5:25 AM
Subject: Ant Security


> I see a lot of discussion in the antlib/ant2 threads about automatic
> download of required jars. To me this raises some security concerns. It
> would be quite simple for this mechanism to be abused to load
> unauthorized code onto a user's machine. Already, today, the ability to
> <get> and <exec> exists. The addition of proxy capability will only make
> this easier.

We are fortunate today that ant is not common enough to be a juicy target;
just as Perl on windows isnt enough of a target to merit writing email
viruses in...this is why I bind .vbs, .js. .wsh to notepad, but keep .perl
bound to perl.

When people move to the .ant extension to running ant, then we have more of
an issue, as you could email something and run it. Otherwise, if someone is
running a local build file that gets, SCM fetches and run stuff, that is
their problem, as it is a per build file issue.

Rant is a security issue; it will run any build file you ask for. So if you
can get an ant file up to the server, and you know its real path, you can
run it. That's where a security manager can really come into play.

I think it is a nice idea to include the notion that stuff may be running
under a security manager from the outset.




--
To unsubscribe, e-mail:   <mailto:ant-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:ant-dev-help@jakarta.apache.org>


Mime
View raw message