Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/shell
History
Kunal Mehta d45e2fef6d SECURITY: Prevent invoking firejail's --output functionality 
firejail has an RCE in its handling of --output when dealing with untrusted
arguments (CVE-2020-17367 and CVE-2020-17368). We can avoid this issue by
preventing shelling out to firejail if any parameter starts with '--output'.

Bug: T258763
Change-Id: Ic6a5644566a51a948de7b42daf57b29ced3daff4
2020-09-24 16:24:36 +01:00
..
Hook Replace "@stable for implementation" with "@stable to implement" 2020-07-13 11:05:49 +02:00
Command.php Merge "Don't pass stdin to commands by default" 2020-09-18 21:04:50 +00:00
CommandFactory.php shell: Fix autodetection of firejail in findFirejail() 2020-07-07 03:18:34 -07:00
firejail.profile shell: Don't blacklist /run/firejail 2020-09-09 12:31:40 +10:00
FirejailCommand.php SECURITY: Prevent invoking firejail's --output functionality 2020-09-24 16:24:36 +01:00
limit.sh
Result.php Shell\Result: declare types, enable strict types 2019-10-30 17:58:23 -07:00
Shell.php Remove terminating line breaks from debug messages 2020-06-03 12:01:16 +10:00