[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Mldonkey-bugs] [bug #17456] shell commands broken

From: spiralvoice
Subject: [Mldonkey-bugs] [bug #17456] shell commands broken
Date: Fri, 18 Aug 2006 20:58:32 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; de; rv: Gecko/20060810 Firefox/

Follow-up Comment #2, bug #17456 (project mldonkey):

case 2:
allowed_commands = [
(df, df);
(ls, "ls incoming");]
allow_any_command = true

> ! "ls incoming"

---------------- Exited with code 0

- This works now with the attached patch
> ! mount
/dev/sdb1 on / type reiserfs (rw,noatime,notail,user_xattr)

- This works now with the attached patch


"mldonkey gets the password uncrypted so this would be a major security risk
if it would work ;)"

Because of uncrypted passwords its important users set
allowed_ips to a correct value. With such a good protection
using "!" command should be no problem.
What about having "!" restricted to admin users in multiuser patch?


Reply to this item at:


  Nachricht geschickt von/durch Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]