[Ongoing] Tainted data should be handled more carefully

Bug #785467 reported by François Marier
This bug affects 1 person
Affects Status Importance Assigned to Milestone
In Progress

Bug Description

There are two types of data that Mahara manipulates directly: images and compressed files.

Images are resized using PHP libraries (running as the Apache user) and zip files / tarballs are uncompressed through PHP libraries (in the case of Leap) or through shelling out to run unzip.

The problem with this is that this untrusted user data could potentially contain exploits which would take over the web server process and potentially write to / delete the dataroot or the database.

Ideally, we should have the current insecure file manipulation mode for people on shared hosting or Windows as well as a more secure mode where tainted data is handled in a separate process and by an unprivileged and separate user account.

Tags: security
summary: - Tainted data should be handled more carefully
+ [Ongoing] Tainted data should be handled more carefully
Changed in mahara:
status: Triaged → In Progress
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.