Re: Security discussion
Posted: Tue Oct 09, 2018 6:11 pm
@imperio make an answer here.
The project is not dead \o/
The project is not dead \o/
Yes, have seen it already - thats a really good news!!! Let's take vesta alive - don't want to work without!
May you explain why this is not safe.ctrlpac wrote: ↑Tue Sep 25, 2018 7:30 pmA lot of redundant code was written using PHP. Example:Code: Select all
if ((!empty($_POST['user'])) && (empty($_POST['code']))) { $v_user = escapeshellarg($_POST['user']); $user = $_POST['user']; $cmd="/usr/bin/sudo /usr/local/vesta/bin/v-list-user"; exec ($cmd." ".$v_user." json", $output, $return_var); ... ...
No escape for user input on the lineR_O wrote: ↑Wed Apr 03, 2019 1:44 amMay you explain why this is not safe.ctrlpac wrote: ↑Tue Sep 25, 2018 7:30 pmA lot of redundant code was written using PHP. Example:Code: Select all
if ((!empty($_POST['user'])) && (empty($_POST['code']))) { $v_user = escapeshellarg($_POST['user']); $user = $_POST['user']; $cmd="/usr/bin/sudo /usr/local/vesta/bin/v-list-user"; exec ($cmd." ".$v_user." json", $output, $return_var); ... ...
Code: Select all
$user = $_POST['user'];
Code: Select all
if ((!empty($_POST['user'])) && (empty($_POST['code']))) {
...
...
Yes, I miss the 'user' assignation, but regarding the 'if', forgive my ignorance but Is there a vulnerability of the "empty" command. The manual tells it is just a Boolean for any validation since PHP 5.5. How can this affect the process if you sanitise the content right after you know that exists?