Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/unit/includes/shell
History
Kunal Mehta d45e2fef6d SECURITY: Prevent invoking firejail's --output functionality 
firejail has an RCE in its handling of --output when dealing with untrusted
arguments (CVE-2020-17367 and CVE-2020-17368). We can avoid this issue by
preventing shelling out to firejail if any parameter starts with '--output'.

Bug: T258763
Change-Id: Ic6a5644566a51a948de7b42daf57b29ced3daff4
2020-09-24 16:24:36 +01:00
..
CommandFactoryTest.php shell: Fix autodetection of firejail in findFirejail() 2020-07-07 03:18:34 -07:00
FirejailCommandTest.php SECURITY: Prevent invoking firejail's --output functionality 2020-09-24 16:24:36 +01:00