管道为什么被认为是危险的在Windows / Unix / Linux上使用？ [英] Why are pipes considered dangerous to use in Windows/unix/linux?

问题描述

为什么水管认为是危险的使用？有什么可以做，以避免这些安全问题？

Why are pipes considered dangerous to use? What can be done to avoid these security issues?

我在Windows中最感兴趣的，但如果你有其他的操作系统信息，请提供。

I'm mostly interested in Windows, but if you have other OS information, please provide.

推荐答案

（假设你从C和IPC的提及谈论的Unix命名管道。的Windows命名管道的工作有所不同）

(assuming you're talking about Unix named pipes from the mention of 'c' and 'IPC'. Windows named pipes work somewhat differently)

任何人只要有权限可以写入到一个命名管道，所以你必须要小心处理权限和锁定（见的羊群（））。如果应用程序信任它从命名管道获得（通常会是这样，除非你明确地建立输入验证进去），那么恶意用户可以写任何需要的数据到命名管道，如果他们有权限输入。

Anyone with permissions can write to a named pipe, so you have to be careful with permissions and locking (see flock()). If an application trusts the input it's getting from the named pipe (which will usually be the case unless you explicitly build input validation into it) then a malicious user can write any desired data into the named pipe if they have permission.

此外，具有权限的任何用户都可以从管道和拦截数据出来的，如果你还没有完全锁定读取。该数据然后从读者期望输入流丢失。

Also, any user with permissions can read from the pipe and intercept data coming out of it if you have not exclusively locked it. The data is then missing from the input stream that the reader is expecting.

这篇关于管道为什么被认为是危险的在Windows / Unix / Linux上使用？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！