QProcess Security and KSaveFile::rcsBackupFile()
Martijn Klingens
klingens at kde.org
Tue Feb 7 16:34:54 GMT 2006
On Friday 03 February 2006 02:05, Allen Winter wrote:
> On Thursday 02 February 2006 04:02, Gregory Hayes wrote:
> > That is a good point, I didn't think of the path issue! I believe the LSB
> > specifies /usr/bin as the RCS default, but other platforms may pop it in
> > a different part of the tree. Is there a way to just remove "." from the
> > QProcess $PATH? If not I would suggest "/bin:/usr/bin:/usr/local/bin"
> > (but someone could be creative and stick it in /opt/rcs-5.7/bin or
> > something). RCS is likely "rcs.exe" on Windows too, so we may need to
> > massage that as well (if it matters to QProcess).
>
> I just committed a change that uses the $PATH you suggest.
That runs shell commands though. As long as qFilename is properly quoted it
doesn't allow arbitrary command execution per se, but it still seems like a
needless security risk to me.
Why don't you pass the result of KStandardDirs::findExe instead of relying
on /usr/bin/env?
See
http://developer.kde.org/documentation/library/cvs-api/kdelibs-apidocs/kdecore/html/classKStandardDirs.html#e1
That also makes it somewhat more portable towards non-Unix platforms where the
'VAR=value cmd --args' style of invocation is often unavailable. (Not to
mention that /usr/bin/env is often unavailable, but so is rcs probably as
well, making this possibly a moot point.)
--
Martijn
More information about the kde-core-devel
mailing list