diff options
| author | Petter Reinholdtsen <pere@hungry.com> | 2008-07-04 07:34:48 +0000 |
|---|---|---|
| committer | Petter Reinholdtsen <pere@hungry.com> | 2008-07-04 07:34:48 +0000 |
| commit | e1e6b1dd39c60ea24988df73c8c54f2319d68ff2 (patch) | |
| tree | 61b80509094a8f197fa60e07fb5e31b7c47aa112 | |
| parent | 47182b176d6c495473bec25bcc74353164a34c1d (diff) | |
| download | sitesummary-e1e6b1dd39c60ea24988df73c8c54f2319d68ff2.tar.gz sitesummary-e1e6b1dd39c60ea24988df73c8c54f2319d68ff2.tar.bz2 sitesummary-e1e6b1dd39c60ea24988df73c8c54f2319d68ff2.tar.xz | |
* Fix the code running collector handlers, to get it working when
the perl script is in tained mode.
| -rw-r--r-- | debian/changelog | 7 | ||||
| -rw-r--r-- | sitesummary-collector.cgi | 6 |
2 files changed, 12 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index 5270207..785b2cc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +sitesummary (0.0.43) UNRELEASED; urgency=low + + * Fix the code running collector handlers, to get it working when + the perl script is in tained mode. + + -- Petter Reinholdtsen <pere@debian.org> Fri, 13 Jun 2008 21:40:49 +0200 + sitesummary (0.0.42) unstable; urgency=low * Make sure to read /etc/environment in init.d/sitesummary-client diff --git a/sitesummary-collector.cgi b/sitesummary-collector.cgi index 5dcf972..c9fbf86 100644 --- a/sitesummary-collector.cgi +++ b/sitesummary-collector.cgi @@ -135,8 +135,12 @@ sub process_entry { } rename $dirname, $newdir || die; + + $ENV{"PATH"} = ""; for my $handler (<$handlerdir/*>) { - `$handler $newdir $status`; + # Untaint script path + $handler =~ m/^([^;]*)$/; $handler = $1; + system("$handler", "$newdir", "$status"); } } |