From 4ce00aef84d1ff7c35f7adbbb99a6241cfda00cc Mon Sep 17 00:00:00 2001
From: Sitaram Chamarty <sitaram@atc.tcs.com>
Date: Tue, 15 Feb 2011 14:58:42 +0530
Subject: [PATCH] security fix for optional ADC (admin-defined command) feature

Thanks to Dylan Simon for catching it...
---
 src/gl-auth-command | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/gl-auth-command b/src/gl-auth-command
index 1af4232..f3449a5 100755
--- a/src/gl-auth-command
+++ b/src/gl-auth-command
@@ -154,6 +154,7 @@ die "server is in slave mode; you can only fetch\n"
 if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
     my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
     if (-x "$GL_ADC_PATH/$cmd") {
+        die "I don't like $cmd\n" if $cmd =~ /\.\./;
         # yes this is rather strict, sorry.
         do { die "I don't like $_\n" unless $_ =~ $ADC_CMD_ARGS_PATT } for ($cmd, @args);
         &log_it("$GL_ADC_PATH/$ENV{SSH_ORIGINAL_COMMAND}");