Hi!

It seems we'll need something similar to uwt to implement some of the
Tails stream separation design (I'm thinking of Claws Mail,
specifically), so I had a quick look. Here are a few remarks.

Predictable filename in world-writable directory => welcome to
symlink attacks:

TORSOCKS_CONF_FILE="/tmp/$(whoami)_torsocks_temp"

Also, the use of a per-user unique filename is prone to race conditions.

If one of -i, -p and -t is not passed, uwt happily creates
a non-functional TORSOCKS_CONF_FILE and passes it to torsocks,
who is the one who eventually complains. This is a bit confusing.

Buggy handling of wrapped commands whose arguments contain spaces (is
going through getopt necessary for the wrapped command at all?):

$ gpg --recv-keys 2861A790
$ gpg --list-keys "Micah Anderson"
pub 4096R/2861A790 2009-05-08 [expires: 2013-05-02]
uid Micah Anderson <micah@???>
uid Micah Anderson <micah@???>
sub 4096R/D40ED62E 2009-05-08 [expires: 2013-05-03]
sub 4096R/B61CAE53 2009-05-08
$ uwt -i 127.0.0.1 -p 9050 -t 5 -c 'gpg --list-keys "Micah Anderson"'
gpg: error reading key: public key not found

Confusing message (actual behavior looks good, though):

echo "UWT_LOCALHOST: $UWT_LOCALHOST NOT using torsocks."
echo "exec torsocks \"$@\""

Über-bold (and probably fragile) parsing of wrapped command -- I find
this to be a bit scary, as it silently assumes every occurrence of
these strings in a wrapped command line means that the user wants to
connect to localhost, which might not be the case:

case "$*" in
*127.0.0.1*)
*localhost*)

Thank you for writing uwt.

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
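A hardened sketch of such a wrapper, added here as an example and not uwt's own code: it creates the config with mktemp instead of a predictable name in /tmp, refuses to run when -i, -p or -t is missing, hands the wrapped command on as "$@" instead of re-parsing a -c string, and bypasses torsocks only when UWT_LOCALHOST is set explicitly rather than when "127.0.0.1" or "localhost" happens to appear in the arguments. The config keys assume the tsocks-style torsocks 1.x format, and UWT_RUNNER is a hypothetical hook that exists only so the wrapper can be exercised without a real torsocks.

```shell
#!/bin/sh
# Added example, not uwt's own code: a minimal torsocks wrapper written to
# avoid the problems noted above. Config keys follow the tsocks-style
# torsocks 1.x format (an assumption); UWT_RUNNER is a hypothetical hook
# that only exists to make the wrapper testable without a real torsocks.
set -u

usage() { echo "usage: uwt -i IP -p PORT -t TYPE -- COMMAND [ARG...]" >&2; }

# write_conf IP PORT TYPE: create the per-invocation config atomically with
# an unpredictable name and mode 0600 (mktemp), so no symlink race in /tmp.
write_conf() {
    conf=$(mktemp "${TMPDIR:-/tmp}/uwt.XXXXXX") || return 1
    printf 'server = %s\nserver_port = %s\nserver_type = %s\n' "$1" "$2" "$3" >"$conf"
    printf '%s\n' "$conf"
}

# uwt_main: parse only the wrapper's own options, then pass the wrapped
# command on untouched as "$@", so quoted arguments survive intact.
uwt_main() {
    ip= port= type= OPTIND=1
    while getopts 'i:p:t:' opt; do
        case $opt in
            i) ip=$OPTARG ;;
            p) port=$OPTARG ;;
            t) type=$OPTARG ;;
            *) usage; return 2 ;;
        esac
    done
    shift $((OPTIND - 1))
    # Fail early when a setting or the command is missing, instead of
    # writing a non-functional config and letting torsocks complain.
    if [ -z "$ip" ] || [ -z "$port" ] || [ -z "$type" ] || [ $# -eq 0 ]; then
        usage; return 2
    fi
    # Bypassing torsocks is an explicit decision (UWT_LOCALHOST set by the
    # caller), never inferred from "127.0.0.1" or "localhost" appearing
    # somewhere in the command line.
    if [ -n "${UWT_LOCALHOST:-}" ]; then
        "$@"
        return $?
    fi
    conf=$(write_conf "$ip" "$port" "$type") || return 1
    ( export TORSOCKS_CONF_FILE="$conf"; "${UWT_RUNNER:-torsocks}" "$@" )
    rc=$?
    rm -f "$conf"
    return "$rc"
}
```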