thunderbird
MiniDNS OSCommand
Checklist
- [X] I have used the search function to see if someone else has already submitted the same feature request.
- [X] I will describe the problem with as much detail as possible.
- [X] This issue only contains a request for one single feature, not multiple (related) features.
App version
6.715
Problem you are trying to solve
Presence of OSCommand execution in the org.minidns library :
org/minidns/dnsserverlookup/AndroidUsingExec.java
Set parseProps = parseProps(new LineNumberReader(new InputStreamReader(Runtime.getRuntime().exec("getprop").getInputStream(), StandardCharsets.UTF_8)), true);
Suggested solution
I tried to exclude ( + add 'minidns-core = "org.minidns:minidns-core:1.0.4"' in libs.version.toml) :
implementation(libs.minidns.hla) { exclude("org.minidns", "minidns-client") } implementation(libs.minidns.core)
It works if user's account allready exists, but crash if a new account is created
Screenshots / Drawings / Technical details
No response
I don't see how this is a problem in an unmodified version of K-9 Mail.
Are you working on a custom version of K-9 Mail for yourself? If so, why report your development problems to us?
Hello,
I was talking with Wolf Montwe about an issue i have with a commit he made about ProvidersXmlDiscovery. I talk him about the OSCommand and he ask me to create an issue about that to get it under your radar (as he said)
From: cketti @.> Sent: Tuesday, February 6, 2024 1:48:55 PM To: thunderbird/thunderbird-android @.> Cc: SvSky @.>; Author @.> Subject: Re: [thunderbird/thunderbird-android] MiniDNS OSCommand (Issue #7604)
I don't see how this is a problem in an unmodified version of K-9 Mail.
Are you working on a custom version of K-9 Mail for yourself? If so, why report your development problems to us?
— Reply to this email directly, view it on GitHubhttps://github.com/thunderbird/thunderbird-android/issues/7604#issuecomment-1929458013, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AD6OJIGIBDGTYFLVKEG27XDYSIRDPAVCNFSM6AAAAABC35DNBOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMRZGQ2TQMBRGM. You are receiving this because you authored the thread.Message ID: @.***>
Please add enough information so the issue can be understood without requiring additional private context.
What are you trying to do? Why?
K-9 Mail is not using ProvidersXmlDiscovery anymore. Are you sure this is related to K-9 Mail 6.715?
ProvidersXmlDiscovery is not related to 6.715. It's just the last version i build for work was the 6.710 and it was in.
But since this version, we have new security control and OSCommand are no longer ok.
I was trying to figure out with Wolf Montwe how i can put my custom providers inside the new version (waiting to have operational OAuth), and i talk him about OSCommand
From: cketti @.> Sent: Tuesday, February 6, 2024 2:18:16 PM To: thunderbird/thunderbird-android @.> Cc: SvSky @.>; Author @.> Subject: Re: [thunderbird/thunderbird-android] MiniDNS OSCommand (Issue #7604)
Please add enough information so the issue can be understood without requiring additional private context.
What are you trying to do? Why?
K-9 Mail is not using ProvidersXmlDiscovery anymore. Are you sure this is related to K-9 Mail 6.715?
— Reply to this email directly, view it on GitHubhttps://github.com/thunderbird/thunderbird-android/issues/7604#issuecomment-1929560844, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AD6OJIGHDVH3DAKJ2PTKPQDYSIURRAVCNFSM6AAAAABC35DNBOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMRZGU3DAOBUGQ. You are receiving this because you authored the thread.Message ID: @.***>
The issue with MiniDNS is that it is executing system commands. This is considered harmfull by some security tools and therefore reported. This is problematic as it leads to not beeing able to use K-9 in environments where such checks are enforced.
So we should at least evaluate if there are alternatives to minidns that work for mobile and are not executing system commands.
