You are here: Foswiki>Tasks Web>Item10648 (11 Apr 2012, GeorgeClark)Edit Attach

Item10648: Checking PATH for an insecure elements

pencil
Priority: Normal
Current State: Closed
Released In: 1.1.5
Target Release: patch
Applies To: Engine
Component: Configure
Branches: Release01x01 trunk
Reported By: JozefMojzis
Waiting For:
Last Change By: GeorgeClark
If the PATH contain insecure element (for example "~/bin") the configure
  • allow write this insecure path into LocalSite.cfg (on 1st run)
  • and after immediately fail with error message: Software error: Insecure directory in $ENV{PATH} while running with -T switch at
  • and the user must manually edit the LocalSite.cfg.

The configure should
  • check for path elements what are not given in absolute form,
  • allow setup the $Foswiki::cfg{SafeEnvPath}

BEFORE 1st save.

-- JozefMojzis - 18 Apr 2011

 
Topic revision: r12 - 11 Apr 2012, GeorgeClark - This page was cached on 01 Sep 2015 - 01:58. Get a fresh version here.
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License