[RFC] New web server for bazaar
Robert Collins
robertc at robertcollins.net
Mon Sep 19 09:18:23 BST 2005
On Mon, 2005-09-19 at 02:26 -0400, James Blackwell wrote:
> ...
> I'm not very conversant with the plugin system yet. For all I know, if a
> plugin exists in the right place then bzr is going to start up a webserver
> by default every time the command is run -- even if by root*. If that were
> a case, then all it would take is a simple honest coding mistake to expose
> any file on the filesystem (see the old named conf problem for local
> escalation of filesystem access) or to expose deeper levels of the network
> (see the ancient apache proxy bug).
Yes, a plugin could cause a webserver to be automatically started. I
would consider this distasteful - I wouldn't merge any plugin that did
that into mainline.
I think anything that starts running a service(*) should require a clear
statement requesting that from the user. (I.e. bzr webserver). :0
(*) except for extremely short localhost only services, i.e. the
webserver during our test suite.
Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20050919/e58ef29d/attachment.pgp
More information about the bazaar
mailing list