pcb-rnd security related bug #1: execbug

Users opening untrusted boards or projects may unintentionally execute external programs.

1. Bug description

pcb-rnd inherited 5 settings from gEDA/PCB that let pcb-rnd (and PCB) execute external processes, wrapping certain file operations:

The old Settings system has been replaced in pcb-rnd; the new conf system allows any configuration setting to be specified in a project file or a board file. This includes the above 5 items as well.

Thus an attacker may produce a project or a single board file in .pcb or .lht format that contains the above config settings, executing arbitrary shell command on the user's computer when pcb-rnd opens or saves the file or loads fonts or footprints or netlists.

2. How to prevent the attack

2.1. By using a version that is not affected

2.2. By manually checking board and project files from untrusted source

Before opening the file, grep for _command and _shell in it, remove the offending lines.

3. What did the patch/fix do

The patch prevents these 5 settings to take effect when the source of the setting is not from one of these:

This bans sources like the board file, the project file and environmental variable.