Re: [PATCH v3 3/3] connect: improve check for plink to reduce false positives

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jun 26, 2015 at 09:15:24AM -0400, Jeff King wrote:
> On Sun, Apr 26, 2015 at 08:30:12PM +0000, brian m. carlson wrote:
> > Improve the check by looking for "plink" or "tortoiseplink" (or those
> > names suffixed with ".exe") only in the final component of the path.
> > This has the downside that a program such as "plink-0.63" would no
> > longer be recognized, but the increased robustness is likely worth it.
> > Add tests to cover these cases to avoid regressions.
> 
> FYI, this ended up biting me today. We have some integration tests that
> make sure we can clone over putty, and we wrap plink in a
> "plink-wrapper.sh" script that tweaks a few extra options. That used to
> match under the old scheme, but not the new. It would also match if we
> looked for "plink" anywhere in the basename (but not in leading
> directories).
> 
> I was able to work around it pretty easily by changing our test setup,
> but I thought I would include it here as a data point. It's probably not
> that representative of real-world users.

Thanks for the data point.  While we don't use plink at $DAYJOB, this is
the kind of test we might well perform.  I expect it's most likely to
hit people in test setups like this, but if it turns out to be a
problem, we can certainly loosen it or if necessary, revert it.
-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]