I think the same could be said for most things on the box. If someone can write to that folder, they can probably just run the file and do not need you to run wifi menu to trigger the file. On Wed, Apr 1, 2015 at 11:43 AM, <h8h@dev-nu11.de> wrote:
hi
I recently switched to a new laptop and therefore I copied all my wifi-configuration files (/etc/netctl) to the new one. Too bad that the wifi interface has changed (thanks to sysctl) and I wrote a small bash script, which should change the `interface` variable. By the way the script doesn't work very well, but I place it in the same folder with all the wifi-configuration files (/etc/netctl/) and I noticed that the tool `wifi-menu` is executing my script. I don't think this is a big vulnerability nor a bug, but if an attacker has the opportunity to place a bash file there, the system could be damaged by simple executing `wifi-menu`. Yes I know that the folder is not world / user writeable, but maybe some thoughts from the archlinux community?
The reason for executing is sourceing all the files in /etc/netctl, maybe this could be improved by using eval and grep, see [1]
Cheers Christian Homeyer H8H
-- Pete Baldridge 206.992.2852