Remove telnet Output_log parameter
91e7ce478649Unpublished
Actions

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

Remove telnet Output_log parameter

The puppet telnet util opened an output log by default with a predictable name.
This left the log open to a write-through symlink attack as the puppet user.
This fix addresses that by removing the Output_log parameter from the
Net::Telnet::new call. Without the parameter, Net::Telnet defaults to no output
logging. The same is true for the dump_log parameter. The spec test for telnet
has been updated to test and ensure that no files are opened during connect. It
also stubs the TCPSocket for the telnet connection so that no connection is
attempted if @transport.connect isn't stubbed.

Details

Provenance

Matthaus Litteken <matthaus@puppetlabs.com>	Authored on
vanmeeuwen	Pushed on Jun 2 2015, 2:22 PM

Parents

rPU0d6d29933e61: Fix for bucket_path security vulnerability

Branches

Unknown

Tags

Unknown

Event Timeline

Matthaus Litteken <matthaus@puppetlabs.com> committed rPU91e7ce478649: Remove telnet Output_log parameter (authored by Matthaus Litteken <matthaus@puppetlabs.com>).Apr 3 2012, 11:40 PM

Changes (2)

Path

Size

lib/

puppet/

util/

network_device/

transport/

telnet.rb

spec/

unit/

util/

network_device/

transport/

telnet_spec.rb

rPU91e7ce478649

View Options

lib/puppet/util/network_device/transport/telnet.rb