You are here: Foswiki>Tasks Web>Item619 (02 Jan 2009, WillNorris)Edit Attach

Item619: The configure extensions installer fails or at least warns about unsafe files.

pencil
Priority: Normal
Current State: Closed
Released In: 1.0.0
Target Release: patch
Applies To: Engine
Component: configure
Branches:
Reported By: Foswiki:Main.KennethLavrsen
Waiting For:
Last Change By: WillNorris
Under windows and possibly also Linux the configure extensions installer fails or at least warns about unsafe files.

The problem is that the filter is too hard and see files with , as unsafe. The ,v files creates warnings for this reason when they are there for some reason (happens in many extensions).

Also the warning message is useless to developers because it fails to say WHICH file is unsafe.

So a $f in the message will help a lot.

Checking in fix

Per Sven's advice the $f can stop program execusion because it is tainted.

So I remove this part of the fix. I may later return with a more elegant solution that encodes the filename and untaints a copy of the variable for display. But no time for this now. it is not important because we should really never see this message in practical.

ItemTemplate edit

Summary The configure extensions installer fails or at least warns about unsafe files.
ReportedBy Foswiki:Main.KennethLavrsen
Codebase trunk
SVN Range TWiki-4.2.3, Wed, 06 Aug 2008, build 17396
AppliesTo Engine
Component configure
Priority Normal
CurrentState Closed
WaitingFor
Checkins distro:9d1ad9ea350b distro:f6f05b817fdb
TargetRelease patch
ReleasedIn 1.0.0
Edit  | Attach | Print version | History: r5 < r4 < r3 < r2 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r5 - 02 Jan 2009, WillNorris
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy