Skip to main content.
home | support | download

Back to List Archive

Re: swish-search (was: Re: Errors during HP-UX

From: Bill Moseley <moseley(at)not-real.hank.org>
Date: Thu Aug 02 2001 - 13:47:03 GMT
At 12:37 AM 8/2/2001 -0700, SRE wrote:
>Note that INDEX_READ_ONLY must be defined to wipe out the write routines.
>The executable WAS different, unlike with your suggestion.

Oh, I just looked at 1.3.2-PHRASE and 2.0.5.  In 1.3.2 there are some #ifdef
for INDEX_READ_ONLY but the end result is the same as in 2.0.5 - they are
very similar, just that 2.0.5 uses the file name instead of a #define to
decide what code to execute.  It's all still there in 2.1-dev - take a look
at the code.

>Look, I won't try to convince you it's better. You clearly don't
>think so. On the other hand, you appear to have removed a feature
>that others DO think is useful (and for no apparent reason other
>than you don't plan to use it). Is that wise? Is it optimal?

Well, I didn't touch it.  

I'm just pointing out that if the process (user) running swish has
permissions to write an index, it doesn't matter if the user is running
swish-e or swish-search because they can just type rm -rf / anyway.  If a
CGI user can manage to pass -m or -i to swish when the script isn't suppose
to, then they can probably pass rm -rf /, too.

But like I said.  I agree that for sysadmins it's a good feature.  "Yes, we
can run the safe version."  But for CGI programmers it might provide a
false sense of security.  But, of course, programmers that fall into that
thinking probably have other security problems.



Bill Moseley
mailto:moseley@hank.org
Received on Thu Aug 2 13:48:31 2001