author Jonas Smedegaard <dr@jones.dk> 2013-02-09 21:17:29 +0100
committer Jonas Smedegaard <dr@jones.dk> 2013-03-09 05:35:58 +0100
commit cd0e640970d569712077219d90a705bfa4ccd2d4
tree e41e467d242ddff5334176bf4482a3355f5beae6 /src/share/ma/update_users
parent e02c127f8e2c5001cf90429a2ee3532d7a4e3c76
Preserve (instead of collapse) arguments in su_monkeysphere_user().

It is a healthy coding practice to keep each argument separate when executing system calls, i.e. quote each variable separately instead of relying on whitespace to indicate argument separation.

Quoting shell-inside-shell is tricky to do right, but not impossible: Bourne-derived shells treat single-quoting literally, which means that shell command arguments (i.e. an array of strings) should be safe to serialize (dual-quote) using these simple rules:

 b) each single-quote inside each string is escaped as '\''
 a) each string is surrounded by single-quotes

This patch applies the above single-quote serialization for su_monkeysphere_user(), and adapts ma/update_users $STRICT_MODES on line 82 to match.

If the serialization routine should turn out to be broken, it will therefore only affect $STRICT_MODES in ma/update_users badly. All other variables passed through su_monkeysphere_user() should not possibly be treated any worse than previous non-quoting.
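The two serialization rules from the commit message, as an added shell example (not monkeysphere's own code): it round-trips a constructed argument list through an inner shell and shows what collapsing does instead. The names `quote_one`, `quote_args` and `inner_args` are hypothetical, and `sh -c` is assumed as a stand-in for the inner shell that parses the command string.

```shell
#!/bin/sh
# Added example; quote_one, quote_args and inner_args are hypothetical names.

# Rule b) then rule a): escape every ' as '\'' and wrap the string in '...'.
quote_one() {
    s=$1 out=
    while :; do
        case $s in
            *\'*) head=${s%%\'*}; out="$out$head'\\''"; s=${s#*\'} ;;
            *) break ;;
        esac
    done
    printf "'%s'" "$out$s"
}

# Serialize a whole argument list into one space-separated string.
quote_args() {
    sep=
    for a in "$@"; do
        printf '%s' "$sep"; quote_one "$a"; sep=' '
    done
}

# Let an inner shell parse a command string (assumption: sh -c stands in
# for the shell-inside-shell step) and print each argument in brackets.
inner_args() {
    sh -c "set -- $1; for a in \"\$@\"; do printf '[%s]' \"\$a\"; done"
}

# Constructed sample: whitespace, a single quote, an empty string, shell syntax.
serialized=$(quote_args 'a b' "it's" '' '$HOME; x')
printf 'serialized: %s\n' "$serialized"
printf 'preserved:  %s\n' "$(inner_args "$serialized")"
# Collapsing instead (whitespace as separator) turns two arguments into three.
printf 'collapsed:  %s\n' "$(inner_args 'a b c')"
```
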
Diffstat (limited to 'src/share/ma/update_users')
-rw-r--r-- src/share/ma/update_users 2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/share/ma/update_users b/src/share/ma/update_users
index 991c302..2066359 100644
--- a/src/share/ma/update_users
+++ b/src/share/ma/update_users
@@ -79,7 +79,7 @@ for uname in $unames ; do
# process authorized_user_ids file, as monkeysphere user
su_monkeysphere_user \
- . "${SYSSHAREDIR}/process_authorized_user_ids" "'$STRICT_MODES'" - \
+ . "${SYSSHAREDIR}/process_authorized_user_ids" "$STRICT_MODES" - \
< "$authorizedUserIDs" \
> "$tmpAuthorizedKeys"
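Review bot: the changed line drops the inner single quotes around $STRICT_MODES, which is only correct once su_monkeysphere_user() itself applies the '\'' escaping and wrapping, and that function is not part of this file's diff, so the two changes need to land together and be checked together. A short comment above this call stating that callers must no longer pre-quote arguments would help, since by the rules in the commit message a value still passed as "'$VAR'" would now reach process_authorized_user_ids with literal quote characters in it. A regression test that sends a value containing a space and a single quote through su_monkeysphere_user and checks the argument count on the receiving side would cover the "if the serialization routine turns out to be broken" case the message mentions.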