| commit | 8cdc0f33eb6489953376fb5394b4dfaf4c2229c1 | |
| author | Kyle J. McKay <mackyle@gmail.com> | |
| Thu, 4 Mar 2021 05:17:55 +0000 (3 22:17 -0700) | ||
| committer | Kyle J. McKay <mackyle@gmail.com> | |
| Thu, 4 Mar 2021 05:17:55 +0000 (3 22:17 -0700) | ||
| tree | 27da7419247f9102c323bec7c0d92289a3740110 | treesnapshot (tar.gz zip) |
| parent | 1f011bf405bb60ddc4f86fb9a636eafe944cb16c | commitdiff |
Girocco/Dumper.pm: make GetConfPath more paranoid
Believe it or not, some systems respond to this:
/usr/bin/getconf PATH
With something like this:
/usr/bin:/bin:/usr/sbin:/sbin:
Notice the bogus extra ":" on the end! That would cause
the current directory to be searched!
Process the value returned by `getconf PATH` to expunge
any non-absolute-path directories and any paths that contain
a '/.' sequence to make sure the result is reasonably secure.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
Believe it or not, some systems respond to this:
/usr/bin/getconf PATH
With something like this:
/usr/bin:/bin:/usr/sbin:/sbin:
Notice the bogus extra ":" on the end! That would cause
the current directory to be searched!
Process the value returned by `getconf PATH` to expunge
any non-absolute-path directories and any paths that contain
a '/.' sequence to make sure the result is reasonably secure.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
| Girocco/Dumper.pm | diffblobblamehistory |