Subject: Re: [boost] [Stacktrace] review, please stop discussing non-Stacktrace issues
From: Peter Dimov (lists_at_[hidden])
Date: 2016-12-19 11:09:18
Andrey Semashev wrote:
> > Why is spawning a process to do the decoding unacceptable?
> I pointed out this in my review. One reason is because of security
> considerations. If the library executes a foreign executable with path
> lookup, it is possible to put a malicious executable with the parent
> process permissions. The parent process can be a daemon, running with
> elevated permissions, so this could potentially be devastating. This is
> more so a problem if the user of Boost.Stacktrace is not suspecting that
> the library executes a process under the hood.
OK... but can you give some specific examples, on Linux and Windows, as to
how such an attack would work? Complete with actual directory and file
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk