Foswiki on GitHub is open for business! Next release meeting: Monday October 13, 1300Z

Item38: replace backtick, exec and system calls to use Sandbox..

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine   Main.RobManson
to decrease the exploit surface.

-- SvenDowideit - 01 Nov 2008

Waiting for Rob Manson to report

Elevating to Urgent because if we have a security issue I do not want it forgotten.

And how long are we waiting for this Rob Manson?

My experience is that if someone does not answer back within 48 hours he never answers back because he has forgotten all about it

So please emails him if you have his email.

Anyone working on this?

ItemTemplate edit

Summary replace backtick, exec and system calls to use Sandbox..
ReportedBy SvenDowideit
Codebase trunk
SVN Range TWiki-4.2.3, Wed, 06 Aug 2008, build 17396
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor RobManson
Checkins PhotoarchivePlugin:47cf81b299fb TWikiReleaseTrackerPlugin:747f6e1e8e71 PageStatsPlugin:e450e1ec2cdd PageStatsPlugin:33f46c62b8da PageStatsPlugin:ca01f2b9d3ee AdvertsPlugin:392246bbbef3 AnyWikiDrawPlugin:e6ffb8d6f2ed AttachContentPlugin:83fe7a4118e5 BenchmarkContrib:2276816847c0 CalendarPlugin:23298ba98e07 ChildTopicsTag:657bbc2ead9a CliRunnerContrib:dcd7ed199570 ComponentEditPlugin:8c6bef09f4bd CreateTopicTag:75cf83bcf496 DBCacheContrib:35289089aa14 DistributionContrib:23bc2d41d373 distro:5ee974a639d1 DojoToolkitContrib:c76de46711d2 EditContrib:5dca5f7d5d4a EditHiddenTablePlugin:ab7b6a442743 EditTablerowPlugin:2ed3bb7621ad EmptyContrib:f7ca4339e983 ExampleHeaderArtContrib:51a91e4a3b39 ExcelImportExportPlugin:ebab22e8943d ExtTopicListPlugin:672c0b1c6982 FallbackPlugin:6d5ed8824dcc GenerateSearchPlugin:a8a64da287b9 HideInEditModePlugin:5810552de99e HtmlFormsPlugin:de423ea2faab ImgPlugin:ca2ab722f0fc ImgTag:1e8e61df1154 InclTag:857f67b2561f InlineEditPlugin:f3b553c975d2 IrcPlugin:924bbc101fc3 JSPopupPlugin:0148c7e8169b JSUnitContrib:f1bda89832ea LdapContrib:7d5722ffa2e0 LoadTagsPlugin:4e96c2cc210c MailInContrib:f5ca94c165bf MetasearchTag:b3b26706dfc7 MoreVarsPlugin:2d5a8f4df04a MoveableTypeSkin:95d1d3f1f010 MultiEditPlugin:168a433de90a PerforcePlugin:661999401af2 PerlSamplePlugin:970c6954d135 PrototypeContrib:aa1d5a00e680 PublishContrib:daa64b274783 RedirectPlugin:0ee363451662 SchedulerContrib:311a75f85404 SectionalEditPlugin:4e945c60c154 SignaturePlugin:69547dc4e359 SmartEditContrib:307557ec7e13 SpacedWikiWordPlugin:9b842c0bf275 TemplateToolkitPlugin:c5d042340126 TimelinePlugin:e8f84184f92e TitleTag:8a29a67eedf7 TWikiAjaxContrib:03146146ba8c TWikiPluginInstallerContrib:172e53601281 TWikiReleaseTrackerPlugin:890448ea4877 TWikiShellContrib:8db8856db823 WidgetsSkin:a3df12ed6540 WikiwygContrib:b35600fbc085 YahooUserInterfaceContrib:998a97be8042 YetAnotherXpTrackerPlugin:7434ce1244bb Rev 737 not found LatexModePlugin:932c3102b24c distro:390fe53e10ba Rev 740 not found EmbedBibPlugin:f24a0b9c6e23 GenPDFLatexAddOn:9fbed548b758 DiskUsagePlugin:236a20b97daf distro:491f44345b4d distro:294ef59f0f4a distro:e8e2669d0dab distro:7e42ef6712de Rev 801 not found
TargetRelease patch
ReleasedIn 1.0.0
Topic revision: r24 - 22 Feb 2009, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License