Impact
Using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious .mlrrc
file in the working directory.
Exemplary attack scenario
A Miller user ...
- clones a Git repository containing datasets
- prints one of the files using Miller, e.g via
mlr --c2p cat file.csv
Their machine now is compromised.
Background and attack details
Since version 5.9.0, Miller supports reading options from one or more configuration files (.mlrrc
).
The prepipe
option supports specifying an external command which is executed when Miller processes an input file.
In combination, this makes it possible for an attacker to have Miller execute arbitrary code if they manage to place a .mlrrc
file into the directory inside which mlr
is run. By constructing the attacking command suitably, it is even possible to hide the attack, i.e. the input file is passed to mlr
and processed as normal (see example below).
Example .mlrrc
file:
prepipe touch you_were_attacked; cat
Example mlr
call - user's point of view:
$ ls
test.csv
$ mlr --c2p cat test.csv
a b
1 2
3 4
$ ls
test.csv you_were_attacked
Example mlr
call - showing all files:
$ ls -A
.mlrrc test.csv
$ cat .mlrrc
prepipe touch you_were_attacked; cat
$ mlr --c2p cat test.csv
a b
1 2
3 4
$ ls -A
.mlrrc test.csv you_were_attacked
The trailing ; cat
in the prepipe
option causes the input file to be passed through, thus hiding the attack.
In this example, the "attack" simply created a file for demonstration purposes; for a real attack, it is possible for example to instead download a script via the network and run it. For as long as the download and execution of the script do not generate any output, it is again possible to hide the attack as shown above. This was successfully tested with a local web server.
Patches
The fix is in Miller 5.9.1.
Workarounds
As a workaround, you may set the MLRRC
environment variable to the path of a file which is readable by mlr
. An empty file is sufficient, but due to a bug which also is fixed in version 5.9.1, the referenced file must be readable by mlr
.
References
See the 5.9.1 release at https://github.com/johnkerl/miller/tree/v5.9.1
For more information
If you have any questions or comments about this advisory:
Impact
Using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious
.mlrrc
file in the working directory.Exemplary attack scenario
A Miller user ...
mlr --c2p cat file.csv
Their machine now is compromised.
Background and attack details
Since version 5.9.0, Miller supports reading options from one or more configuration files (
.mlrrc
).The
prepipe
option supports specifying an external command which is executed when Miller processes an input file.In combination, this makes it possible for an attacker to have Miller execute arbitrary code if they manage to place a
.mlrrc
file into the directory inside whichmlr
is run. By constructing the attacking command suitably, it is even possible to hide the attack, i.e. the input file is passed tomlr
and processed as normal (see example below).Example
.mlrrc
file:Example
mlr
call - user's point of view:Example
mlr
call - showing all files:The trailing
; cat
in theprepipe
option causes the input file to be passed through, thus hiding the attack.In this example, the "attack" simply created a file for demonstration purposes; for a real attack, it is possible for example to instead download a script via the network and run it. For as long as the download and execution of the script do not generate any output, it is again possible to hide the attack as shown above. This was successfully tested with a local web server.
Patches
The fix is in Miller 5.9.1.
Workarounds
As a workaround, you may set the
MLRRC
environment variable to the path of a file which is readable bymlr
. An empty file is sufficient, but due to a bug which also is fixed in version 5.9.1, the referenced file must be readable bymlr
.References
See the 5.9.1 release at https://github.com/johnkerl/miller/tree/v5.9.1
For more information
If you have any questions or comments about this advisory: