[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Reminder: $EDITOR with spaces?

From: Tim Waugh <twaugh_at_redhat.com>
Date: 2002-04-29 09:26:54 CEST

On Mon, Apr 29, 2002 at 02:40:22AM -0400, Mark Benedetto King wrote:

> One might think that, presuming that the executable
> at /path/to/editor was capable of handling arbitrary
> parameters, everything would be hunky-dory. But wait!
> We're calling system()! That means $EDITOR gets passed
> verbatim as, basically,
>
> execl("/bin/sh","sh","-c",$EDITOR,0);
>
> So, let's say the user runs
>
> mycommit "foo; cp /bin/sh /tmp/; chmod 4777 /tmp/sh"
>
> You can see where this goes wrong.
>
> So, that means before we call system, either we need
> to escape all semicolons (and pipes and backticks and ...)
> or we need to warn the user "$EDITOR is passed verbatim
> to system; you are probably *not* smart enough to protect
> yourself from craftily constructed $EDITOR variables, so
> we recommend that you don't build setuid applications that
> can trigger $EDITOR."

Isn't it enough to pass "$EDITOR" to the shell and get _it_ to expand
it? Like:

execl("/bin/sh","sh","-c","$EDITOR",0);

Tim.
*/

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Apr 29 09:28:02 2002

This is an archived mail posted to the Subversion Dev mailing list.