You are here: Foswiki>Tasks Web>Item12266 (02 Dec 2012, GeorgeClark)Edit Attach

Item12266: Configure can throw a taint error when changing {WorkingDir}

pencil
Priority: Normal
Current State: Closed
Released In: 1.1.6
Target Release: patch
Applies To: Engine
Component: Configure
Branches: Release01x01 trunk
Reported By: KipLubliner
Waiting For:
Last Change By: GeorgeClark
Insecure dependency in open while running with -T switch at ... Configure/Checker.pm line 372

This is in checkCanCreateFile()

open my $fh, '>', $name

GeorgeClark tracked this to be caused by chainging {WorkingDir}, need to untaint the log directory.

Need to untaint the log directory in Checkers/Log/Dir.pm

-- KipLubliner - 26 Nov 2012

This appears to be a duplicate of Item11488. Fixed under this task.

-- GeorgeClark - 26 Nov 2012
 

ItemTemplate edit

Summary Configure can throw a taint error when changing {WorkingDir}
ReportedBy KipLubliner
Codebase 1.1.6 dev, 1.1.5, 1.1.4
SVN Range
AppliesTo Engine
Component Configure
Priority Normal
CurrentState Closed
WaitingFor
Checkins distro:d7c8ffd45881 distro:76306a51f116
TargetRelease patch
ReleasedIn 1.1.6
CheckinsOnBranches Release01x01 trunk
trunkCheckins distro:76306a51f116
Release01x01Checkins distro:d7c8ffd45881
Topic revision: r6 - 02 Dec 2012, GeorgeClark - This page was cached on 31 May 2016 - 18:26.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License