summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorjvoisin2018-11-23 21:54:55 +0100
committerjvoisin2018-11-23 21:54:55 +0100
commit0b594cd3330366e8cb49c08dcc17ca92bbb8ddfb (patch)
treeb053983852f3c621ad6515ba0ca93491b29361db /doc
parent4e5b0af0413e787577117984cc15999060859313 (diff)
Document a bit more the threat model
Diffstat (limited to 'doc')
-rw-r--r--doc/source/features.rst6
1 files changed, 4 insertions, 2 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst
index 540e982..dd35e2b 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -24,6 +24,7 @@ Unfortunately, passing user-controlled parameters to it often leads to arbitrary
24 24
25We're mitigating it by filtering the ``$``, ``|``, ``;``, `````, ``\n`` and ``&`` chars in our 25We're mitigating it by filtering the ``$``, ``|``, ``;``, `````, ``\n`` and ``&`` chars in our
26default configuration, making it a lot harder for an attacker to inject arbitrary commands. 26default configuration, making it a lot harder for an attacker to inject arbitrary commands.
27This feature is even more effective when used along with :ref:`readonly_exec <readonly-exec-feature>`.
27 28
28 29
29Examples of related vulnerabilities 30Examples of related vulnerabilities
@@ -33,7 +34,7 @@ Examples of related vulnerabilities
33- `CVE-2014-4688 <https://www.pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc>`_: Authenticated remote code execution on pfSense 34- `CVE-2014-4688 <https://www.pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc>`_: Authenticated remote code execution on pfSense
34- `CVE-2014-1610 <https://www.rapid7.com/db/modules/exploit/multi/http/mediawiki_thumb>`_: Unauthenticated remote code execution on DokuWiki 35- `CVE-2014-1610 <https://www.rapid7.com/db/modules/exploit/multi/http/mediawiki_thumb>`_: Unauthenticated remote code execution on DokuWiki
35- `CVE-2013-3630 <https://www.rapid7.com/db/modules/exploit/multi/http/moodle_cmd_exec>`_: Authenticated remote code execution on Moodle 36- `CVE-2013-3630 <https://www.rapid7.com/db/modules/exploit/multi/http/moodle_cmd_exec>`_: Authenticated remote code execution on Moodle
36- Every single shitty `modem/router/switch/IoT <https://twitter.com/internetofshit>`_. 37- Every single `modem/router/switch/IoT/… <https://twitter.com/internetofshit>`_.
37 38
38 39
39``mail``-related injections 40``mail``-related injections
@@ -51,6 +52,7 @@ often meaning an arbitrary code execution.
51 --- `The PHP documentation about mail <https://secure.php.net/manual/en/function.mail.php>`_ 52 --- `The PHP documentation about mail <https://secure.php.net/manual/en/function.mail.php>`_
52 53
53We're killing it by preventing any extra options in ``additional_parameters``. 54We're killing it by preventing any extra options in ``additional_parameters``.
55This feature is even more effective when used along with :ref:`readonly_exec <readonly-exec-feature>`.
54 56
55 57
56Examples of related vulnerabilities 58Examples of related vulnerabilities
@@ -76,7 +78,7 @@ if you're planning to use it.
76 78
77This feature is roughly the same than the `Suhosin one <https://suhosin.org/stories/configuration.html#transparent-encryption-options>`_. 79This feature is roughly the same than the `Suhosin one <https://suhosin.org/stories/configuration.html#transparent-encryption-options>`_.
78 80
79Having a secret server-side key will prevent anyone (even the user himself) 81Having a secret server-side key will prevent anyone (even the user)
80from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side. 82from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side.
81 83
82 84