Loading ...
Sorry, an error occurred while loading the content.

39245RE: rvim "paranoid" mode? New feature

Expand Messages
  • Collins, Kevin (MindWorks)
    Mar 7, 2005
      Ok, after further prompting from Tony, I re-worked these changes into
      the latest patched revision of vim (6.3.062) and I'm once again asking
      for folks to see if they can subvert rvim.



      -----Original Message-----
      From: Collins, Kevin (MindWorks)
      Sent: Thursday, March 03, 2005 4:03 PM
      To: vim-dev@...
      Cc: Bram@...
      Subject: RE: rvim "paranoid" mode? New feature

      Hi again,

      I've applied all of my code changes against the vim63 source. If
      anyone feels like testing this more hardened version of rvim for
      exploitation, I would be happy to hear feedback - especially if you
      manage to subvert it and access another file directly or indirectly.

      These diffs can be applied to the original source like this:

      patch ex_cmds.c ex_cmds.c.diff



      -----Original Message-----
      From: Collins, Kevin (MindWorks)
      Sent: Wednesday, March 02, 2005 8:40 AM
      To: Bram@...
      Cc: vim-dev@...
      Subject: RE: rvim "paranoid" mode? New feature

      Thanks, Bram. As I've mentioned indirectly, I am not a C programmer -
      I'm a sysadmin with a lot of advanced shell, perl, php, etc (you name
      it) scripting experience, and vim has a lot of source :)

      As evidenced by some of the replies I have received on this list, there
      are a few more things I've missed ('{A-Z0-9}, :arg*, etc).

      However, I did just mention in a previous post that I should probably be
      looking for the "generic" file open (and write) functions, as opposed to
      trying to fix every subroutine :)

      I did incorporate my changes into 6.3 last night and things are still
      working there, but I'll spend more time looking at the fuctions you
      mentioned, although it may be beyond my skill level to do this



      -----Original Message-----
      From: Bram@... [mailto:Bram@...]
      Sent: Wednesday, March 02, 2005 3:19 AM
      To: Collins, Kevin (MindWorks)
      Cc: vim-dev@...
      Subject: RE: rvim "paranoid" mode? New feature

      Kevin Collins wrote:

      > The help still works fine. I am pretty certain its impossible to
      > edit/squash another file, but I am not a vim expert :)
      > Besides :e, :w, :!, :r! and :redir what other methods are available to
      > edit (or otherwise stomp on) another file or start a subshell? I read
      > lot of the docs and couldn't find any.

      You don't sound very sure that there can't be another way. Instead of
      looking in the docs, perhaps you should check the source code where
      readfile() and buf_write() are used (indirectly).

      > I can send the 2 source files I modified or diff output or something
      > else if you'd care to look. The changes are relatively minor. One
      > that my code doesn't handle correctly (but I'm sure you could fix
      > easily) is that if you do:
      > rvim myfile
      > you can do :w or :w! but can't do :w myfile - in other words, my hack
      > disallows any filename argument to :w... Don't know why you would
      > want to do it, but it should be allowed.

      I would say that this would be intentional. This mode is to edit one
      file, thus you don't need to specify a file name. You certainly don't
      want to write elsewhere.

      I suppose you do allow copy/paste?

      We're knights of the Round Table
      Our shows are formidable
      But many times
      We're given rhymes
      That are quite unsingable
      We're opera mad in Camelot
      We sing from the diaphragm a lot.
      "Monty Python and the Holy Grail" PYTHON (MONTY)

      /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net
      /// Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/
      \\\ Project leader for A-A-P -- http://www.A-A-P.org
      \\\ Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html
    • Show all 34 messages in this topic