Restrict RPCs that make server-side files #20865

issue laanwj opened this issue on January 6, 2021
  1. laanwj commented at 10:39 AM on January 6, 2021: member

    Currently dumpwallet and other RPCs can scribble all over the file system, at least as the user running bitcoind permits.

    It would be better if these were at the least limited to the data directory, or even a specific directory within the data directory, say, ~/.bitcoin/dumpwallet—to avoid name collisions with wallets, lock files and database files. Overwriting is already prevented.

  2. laanwj added the label RPC/REST/ZMQ on Jan 6, 2021
  3. MarcoFalke commented at 10:52 AM on January 6, 2021: member

    Duplicate created by GitHub #20866

  4. MarcoFalke closed this on Jan 6, 2021
  5. laanwj commented at 11:17 AM on January 6, 2021: member

    That was strange, I got a 404 error when I submitted this the first time that's why I tried again.

  6. jonatack commented at 11:30 AM on January 6, 2021: member

    I've been having issues like that lately (double comments or a comment/review being lost after submitting). GitHub's caching also seems pretty aggressive (or flakey).

  7. fanquake locked this on Jan 6, 2021
Contributors
laanwjMarcoFalkejonatack
Labels
RPC/REST/ZMQ
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:14 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me