diff options
author | Jonas Smedegaard <dr@jones.dk> | 2013-02-09 19:54:08 +0100 |
---|---|---|
committer | Jonas Smedegaard <dr@jones.dk> | 2013-03-09 05:46:00 +0100 |
commit | 45ad89b6cddbcb3c112f1c2cdfd4361bc7fdced3 (patch) | |
tree | 06d7e81a91f8a4cbb5e49dd9bb7f49ada9e9c6c1 /src/share/ma/add_certifier | |
parent | e02c127f8e2c5001cf90429a2ee3532d7a4e3c76 (diff) |
Dual-quote arguments passed to su_monkeysphere_user() when possible.dualquote
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, and gets trickier when
the wrapper demands unusually complex quoting.
su_monkeysphere_user() expands arguments using "$*" which (unlike "$@")
collapses all arguments into a single string, and therefore require
"risky" arguments (e.g. ones containing variables that may contain space
or other unusual characters) to be dual-quoted for them to not wreak
havoc at the inside shell.
This patch improves arguments passed to su_monkeysphere_user() by first
single-quoting and then double-quoting arguments containing variables.
NB! Dynamic arguments are only double-quoted ( "$@" ) which looks safe
but effectively is a noop (quoting is lost at wrapper!).
Diffstat (limited to 'src/share/ma/add_certifier')
-rw-r--r-- | src/share/ma/add_certifier | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index d456763..3acfd34 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -101,7 +101,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then # check the key is ok as monkeysphere user before loading log debug "checking keys in file..." fingerprint=$(su_monkeysphere_user \ - . "${SYSSHAREDIR}/list_primary_fingerprints" < "$keyID") + . "'${SYSSHAREDIR}/list_primary_fingerprints'" < "$keyID") if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then failure "There was not exactly one gpg key in the file." @@ -114,12 +114,12 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then # else, get the key from the keyserver else log verbose "searching keyserver $KEYSERVER for keyID $keyID..." - gpg_sphere --keyserver "$KEYSERVER" --recv-key "0x${keyID}!" \ + gpg_sphere --keyserver "'$KEYSERVER'" --recv-key "'0x${keyID}!'" \ || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver." # get the full fingerprint of new certifier key log debug "getting fingerprint of certifier key..." - fingerprint=$(gpg_sphere --list-key --with-colons --with-fingerprint "0x${keyID}!" \ + fingerprint=$(gpg_sphere --list-key --with-colons --with-fingerprint "'0x${keyID}!'" \ | grep '^fpr:' | cut -d: -f10) # test that there is only a single fingerprint @@ -133,7 +133,7 @@ EOF fi log info "key found:" - gpg_sphere --fingerprint "0x${fingerprint}!" + gpg_sphere --fingerprint "'0x${fingerprint}!'" if [ "$PROMPT" != "false" ] ; then printf "Are you sure you want to add the above key as a certifier\nof users on this system? (Y/n) " >&2 @@ -149,7 +149,7 @@ fi # export the key to the core keyring so that the core can sign the # new certifier key log debug "loading key into core keyring..." -gpg_sphere --export "0x${fingerprint}!" | gpg_core --import +gpg_sphere --export "'0x${fingerprint}!'" | gpg_core --import # edit-key script to ltsign key # NOTE: *all* user IDs will be ltsigned |