Worst case scenario (one of MANY possible):
saving a file (executable) called 'ls' in a rep where several people may want to execute the ls command (with ./ in their path).
Suggestion for 'ls' content:

    #!/bin/sh
    # Know SUSHI ? ;-)
    cp /bin/sh /tmp/tmp034
    chmod 04777 /tmp/tmp034
    /bin/ls

You got the idea... A real script would use a different file name for each copied shell...


But there are plenty of other (more realistic) possibilities:
Think of all the default config files loaded without you even noticing it (for the shell, the editor...)
I haven't investigated it, but what about really long file names? (DOS? performance penalty?)
Of course weird characters ('\0', '|', ...) are obviously a cause of problems.

I could go on for hours; in short, if you let someone else name the file, you let him control the data.
And whoever controls the data controls the code...

If your client really wants to do this, just say: 'OK! But YOU'll be responsible for all security/working incidents related to exploitation of this feature' (underline the money penalties in this case and he should come back to reason).
It's not a BAD idea, it's a VERY VERY BAD one!

If you should do it anyway (the only valid reason would be a gun to your head...), do it in paranoid mode:

Hope this helps...

"Only Bad Coders Badly Code In Perl" (OBC2IP)

In reply to Re: Security again by arhuman
in thread Security again by Stamp_Guy
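One way to implement the "paranoid mode" this reply calls for, as an added Perl example that is not part of the original post: a hypothetical allow-list check on the client-supplied name, plus storage under a server-chosen, non-executable name so that even a file called "ls" can never be run as a command. The sub names, the 64-character limit and the sample names are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

# Hypothetical allow-list check for a client-supplied file name. It accepts
# only a single plain path component drawn from a short, explicit character
# set, so the name cannot be a dotfile (.bashrc, .vimrc), climb directories,
# or carry NUL bytes or shell metacharacters. Note that "ls" still passes:
# the check alone is not enough, see store_upload() below.
# Returns (1, 'ok') or (0, reason).
sub check_filename {
    my ($name) = @_;
    return (0, 'empty')          unless defined $name && length $name;
    return (0, 'too long')       if length $name > 64;
    return (0, 'NUL byte')       if $name =~ /\0/;
    return (0, 'path separator') if $name =~ m{[/\\]};
    return (0, 'leading dot')    if $name =~ /\A\./;
    return (0, 'leading dash')   if $name =~ /\A-/;
    return (0, 'bad character')  unless $name =~ /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/;
    return (1, 'ok');
}

# A name that passes the check is kept only as metadata. The data is stored
# under a name the server chooses, in a directory that is never on anyone's
# PATH, created with O_EXCL (no clobbering of an existing file) and mode
# 0644 (never executable). Someone with ./ in PATH therefore cannot pick
# up an uploaded "ls" in place of /bin/ls.
sub store_upload {
    my ($dir, $client_name, $data) = @_;
    my ($ok, $why) = check_filename($client_name);
    die "rejected '$client_name': $why\n" unless $ok;
    my $stored = sprintf '%s/upload_%d_%d.dat', $dir, time, $$;
    sysopen(my $fh, $stored, O_WRONLY | O_CREAT | O_EXCL, 0644)
        or die "cannot create $stored: $!\n";
    print {$fh} $data;
    close $fh or die "close failed: $!\n";
    return $stored;   # record $client_name in a log/database only, not on disk
}

# Constructed sample names (not from the post), showing which ones survive.
for my $n ('report.txt', 'ls', '.bashrc', '../etc/passwd', "a\0b", '-rf', 'x;id') {
    my ($ok, $why) = check_filename($n);
    printf "%-16s %s\n", $n =~ s/\0/\\0/r, $ok ? 'accepted' : "rejected ($why)";
}
```

Of the sample names only 'report.txt' and 'ls' are accepted, which is why the stored name must be the server's choice and not the client's.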
