CoSign: Collaborative Single Sign-On  
 

cosign-discuss at umich.edu
general discussion of cosign development and deployment
 


login cgi argument sanity checking



One of our users has discovered by accident that the login CGI will accept
a backslash in the username and will correctly authenticate to the KDC,
presumably because the backslash is regarded by the krb functions as just
quoting the following character. However, cosign retains the backslash in
the authenticated username and so the backslash appears in the REMOTE_USER
environment variable when it is read by mod_cosign.  This then affects
authorisation.

It doesn't look like cgi.c does any sanity checking of the login argument
that is passed to it from the html form.  It should probably check that
only alphanumeric characters are accepted (and perhaps / to allow for
non-default principals), though this might affect non-ascii usernames (do
people use multicharacter usernames?). What do people think?

-- 
=============================================================================
Graeme Wood                                 Email: Graeme.Wood@xxxxxxxx
Unix Systems Support                        Phone: +44 131 650 5003
The University of Edinburgh                 Fax:   +44 131 650 6552
=============================================================================
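
Added example, not part of the original message and not cosign's own code: one way to apply the allowlist the message proposes (ASCII alphanumerics, with `/` between components) before the login string is used, alongside a simplified model of the backslash quoting the message describes, which shows why the retained name and the authenticated name can differ. The names `login_is_sane`, `unquote_login` and `LOGIN_MAX` are hypothetical, and the length limit is an assumption.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define LOGIN_MAX 64 /* assumed length limit, not taken from cosign */

/* Allowlist check: ASCII alphanumerics, with '/' permitted only between
 * non-empty components. Returns 1 if acceptable, 0 otherwise. */
int login_is_sane(const char *login)
{
    size_t i, len;
    int need_char = 1; /* true at the start and right after a '/' */

    if (login == NULL)
        return 0;
    len = strlen(login);
    if (len == 0 || len > LOGIN_MAX)
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)login[i];
        if (c == '/') {
            if (need_char)
                return 0; /* leading '/' or empty component */
            need_char = 1;
        } else if (c < 0x80 && isalnum(c)) {
            need_char = 0;
        } else {
            return 0; /* backslash, '@', spaces, control or non-ASCII bytes */
        }
    }
    return !need_char; /* reject a trailing '/' */
}

/* Simplified model of the quoting described in the message (not the Kerberos
 * library's parser): drop each backslash and keep the character after it.
 * Returns 0 on success, -1 if the output buffer is too small. */
int unquote_login(const char *in, char *out, size_t outsz)
{
    size_t o = 0;

    if (outsz == 0)
        return -1;
    for (; *in != '\0'; in++) {
        if (*in == '\\' && in[1] != '\0')
            in++; /* skip the backslash, copy the quoted character */
        if (o + 1 >= outsz)
            return -1;
        out[o++] = *in;
    }
    out[o] = '\0';
    return 0;
}
```

With the constructed input `g\wood`, `unquote_login` yields `gwood` while the raw string still contains the backslash; `login_is_sane` rejects the raw form, so the mismatched name never reaches REMOTE_USER. As the message notes, this allowlist also rejects non-ASCII usernames.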


 
Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010