[Owncloud] OC_Installer blacklist
Frank Karlitschek
frank at owncloud.org
Fri May 18 16:25:14 UTC 2012
On 18.05.2012, at 18:09, Thomas Tanghus <thomas at tanghus.net> wrote:
> I just had a look at OC_Installer and came to wonder about the blacklist in OC_Installer::checkCode [1].
> Won't that limit 3rd party developers from using e.g. OC_FilesystemView [2] and OC_Filesystem [3] ?
good point. I removed the "fopen(" pattern for now. We have to find a way to make this more clever in the future.
>
> And btw shouldn't 'exec(' be in the list too?
There is a lot missing. :-)
The idea is to extend this with more patterns that we donĀ“t like over time.
Frank
More information about the Owncloud
mailing list