security fix for optional ADC (admin-defined command) feature
Thanks to Dylan Simon for catching it...
This commit is contained in:
parent
9b5793f2d1
commit
4ce00aef84
|
@ -154,6 +154,7 @@ die "server is in slave mode; you can only fetch\n"
|
||||||
if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
|
if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
|
||||||
my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
|
my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
|
||||||
if (-x "$GL_ADC_PATH/$cmd") {
|
if (-x "$GL_ADC_PATH/$cmd") {
|
||||||
|
die "I don't like $cmd\n" if $cmd =~ /\.\./;
|
||||||
# yes this is rather strict, sorry.
|
# yes this is rather strict, sorry.
|
||||||
do { die "I don't like $_\n" unless $_ =~ $ADC_CMD_ARGS_PATT } for ($cmd, @args);
|
do { die "I don't like $_\n" unless $_ =~ $ADC_CMD_ARGS_PATT } for ($cmd, @args);
|
||||||
&log_it("$GL_ADC_PATH/$ENV{SSH_ORIGINAL_COMMAND}");
|
&log_it("$GL_ADC_PATH/$ENV{SSH_ORIGINAL_COMMAND}");
|
||||||
|
|
Loading…
Reference in a new issue