[PATCH] basic modelines for contrib/nvi
José de Paula
espinafre at gmail.com
Sun Jul 25 14:04:06 PDT 2004
On Mon, 19 Jul 2004 15:15:04 +0200, Jilles Tjoelker <jilles at stack.nl> wrote:
<snip>
>
> There are some options which can pose a security risk, including but not
> limited to cdpath, tempdir, path and shell. You should make a list of
> "safe" options and only allow those in modelines.
Thanks for the feedback, stay tuned for nvi modelines improvement! As
soon as I have enough time, I'm going to take some forbidden options
(for now, they are cdpath, directory, shell, backup and path. Please
tell me what other options would be unsafe) and quietly strip them
from the modeline.
More information about the freebsd-hackers
mailing list