[ET Trac] [Einstein Toolkit] #1749: avoid creating temporary links to files in Formaline
Einstein Toolkit
trac-noreply at einsteintoolkit.org
Sun Aug 16 22:27:32 CDT 2015
#1749: avoid creating temporary links to files in Formaline
------------------------------------+---------------------------------------
Reporter: rhaas | Owner:
Type: enhancement | Status: review
Priority: minor | Milestone:
Component: EinsteinToolkit thorn | Version: development version
Resolution: | Keywords: Formaline
------------------------------------+---------------------------------------
Comment (by knarf):
Please quote the filename in lines 46 and 49. I might be too paranoid, and
I am sure this isn't the only place things like this occur in the code (in
fact, code that the patch removes is as bad), but just imagine someone
adding a file with the name "README | rm -rf ~" to a thorn. Or worse.
I didn't test the patch yet though - not for retaining functionality, and
especially not for helping in the current case.
--
Ticket URL: <https://trac.einsteintoolkit.org/ticket/1749#comment:5>
Einstein Toolkit <http://einsteintoolkit.org>
The Einstein Toolkit
More information about the Trac
mailing list