Bug #19442
Updated by Alexis Mousset almost 3 years ago
Currently @rudder-pkg@ runs a gpg command in a shell after downloading a file from the server.
One of the gpg command parameter is built from the remote file name, it is hence possible to run a command as root with a specially crafted file name.
This happens before signature check so an attacker would only have to impersonnate the plugins server (which uses https by default) to take control of a server.