[Bug 287615] Minor fix to quoting in jail.c

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 287615] Minor fix to quoting in jail.c"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 20 Jun 2025 14:21:39 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287615

Jim Long <freebsd-bugzilla@umpquanet.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #261352|0                           |1
        is obsolete|                            |

--- Comment #2 from Jim Long <freebsd-bugzilla@umpquanet.com> ---
Created attachment 261437
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=261437&action=edit
Extend "jail -e" quoting protection to: | ` < > &

This is still sub-optimal, but making this 100% correct is somewhat fraught, as
it depends at least in part on which shell or scripting language the escaping
is intended to protect against.

I've altered my patch to include a few more of the most common meta-characters.

Thanks again for your attention to this issue.

Jim

-- 
You are receiving this mail because:
You are the assignee for the bug.