Home Explore Help
Sign In
Qubes
/
core-agent-linux
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge remote-tracking branch 'origin/pr/266'

* origin/pr/266:
  Only allow known-safe characters in socket paths
Marek Marczykowski-Górecki 3 years ago
parent
6da7f77013 06d84b5198
commit
5ddc118429
1 changed files with 3 additions and 2 deletions
Split View Show Diff Stats
  1. 3 2
      qubes-rpc/qubes.ShowInTerminal

+ 3 - 2
qubes-rpc/qubes.ShowInTerminal
View File 

@@ -1,10 +1,11 @@
 
 #!/bin/bash --
 
 
 set -eu
 
+umask 0077
 
 tmpdir="$(mktemp -d)"
 
 
-if [[ $tmpdir =~ \" ]]; then
 
-    echo 'Error: non admissible character detected in sock path.'
 
+if ! [[ $tmpdir =~ ^/[/A-Za-z0-9._-]+$ ]]; then
 
+    echo 'Error: non admissible character detected in sock path.'>&2
 
     exit 1
 
 fi