[network-admin] wireless-key from /etc/network/interfaces not escaped
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GST |
Won't Fix
|
Medium
|
|||
gnome-system-tools (Ubuntu) |
Triaged
|
Medium
|
Ubuntu Desktop Bugs |
Bug Description
Affecting Dapper and if memory serves right, Breezy, too: While fighting with my wireless card, ndiswrapper and the tool to set up wireless network cards in gnome, I did:
# iwconfig wlan0 essid <something> key s:<passphrase>
and got no connection because I have a space character in my WEP passphrase. When I escaped s:<passphrase> like so:
# iwconfig wlan0 essid <something> key "s:<passphrase>"
I got it working.
I then used the gnome network configuration tool ("Netzwerkeinst
I looked into /etc/network/
I suggest not to generally put the key in quotes in the configuration file, but to correct the program which configures the WLAN-interface using the configuration file.
ATTENTION: There may be security and safety implications with this too, as "abc; rm -rf /" is a possible ASCII WEP security key (assuming something like ifup calls iwconfig via the shell). I'm currently happy to have my WLAN card working so I'm not gonna try it out myself ;)
Changed in gnome-system-tools: | |
status: | Unknown → Unconfirmed |
Changed in gnome-system-tools: | |
status: | Confirmed → Triaged |
Changed in gst: | |
status: | New → In Progress |
Changed in gst: | |
importance: | Unknown → Medium |
Changed in gst: | |
status: | In Progress → Won't Fix |
I tried a wireless-key containing a semicolon and a command. The command gets executed.
There's probably no security implications in this, since you already have to have elevated rights to be able to edit /etc/network/ interfaces.
Someone who's able to should mark this as a security problem, so that someone more knowledgeable than me looks into it.
"Proof" follows (note the /x.x file):
root@ws-desktop:/# ls interfaces www.isc. org/products/ DHCP
bin dev initrd lib mnt root sys var
boot etc initrd.img lost+found opt sbin tmp vmlinuz
cdrom home initrd.img.old media proc srv usr vmlinuz.old
root@ws-desktop:/# grep wireless-key /etc/network/
wireless-key abcd; touch /x.x
root@ws-desktop:/# ifup wlan0
Internet Systems Consortium DHCP Client V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
For info, please visit http://
Listening on LPF/wlan0/ xx:xx:xx: xx:xx:xx xx:xx:xx: xx:xx:xx
Sending on LPF/wlan0/
Sending on Socket/fallback
root@ws-desktop:/#
root@ws-desktop:/# ls
bin dev initrd lib mnt root sys var x.x
boot etc initrd.img lost+found opt sbin tmp vmlinuz
cdrom home initrd.img.old media proc srv usr vmlinuz.old
root@ws-desktop:/#