Foswiki on GitHub is open for business! Next release meeting: Monday Nov. 17, 1300Z

Item10648: Checking PATH for an insecure elements

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Normal Closed Engine Configure  
If the PATH contain insecure element (for example "~/bin") the configure
  • allow write this insecure path into LocalSite.cfg (on 1st run)
  • and after immediately fail with error message: Software error: Insecure directory in $ENV{PATH} while running with -T switch at
  • and the user must manually edit the LocalSite.cfg.

The configure should
  • check for path elements what are not given in absolute form,
  • allow setup the $Foswiki::cfg{SafeEnvPath}

BEFORE 1st save.

-- JozefMojzis - 18 Apr 2011

 
Topic revision: r12 - 11 Apr 2012, GeorgeClark
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License