urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

master
https://www.google.com/accounts/o8/id?id=AItOawngqGADV9fidHK5qabIzKN0bx1ZIfvaTqs 2010-09-12 22:48:49 +00:00 committed by Joey Hess
parent f4392bc4dd
commit 827bd1d990
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/bugs/ikiwiki_ignores_PATH_environment.mdwn
View File

@ -16,3 +16,5 @@ This makes it a little hard to specify which specific binaries should be used, e
> The ikiwiki script's own sanitization of PATH was done to make perl taint
> checking happy, but as taint checking is disabled anyway, I have removed
> that. [[done]] --[[Joey]]
Question: Do ikiwiki.cgi and the RCS post-commit script sanitize the $PATH separately from bin/ikiwiki? If not, then bin/ikiwiki is probably right to sanitize the $PATH; otherwise you've created a security hole with access to the account that ikiwiki is SUID to. It'd be nice if /opt/local/bin were earlier in the $PATH, but that can be changed (as noted) in the setup file. [[Glenn|geychaner@mac.com]]