Ludovic writes: > Someone reported this bug: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516626 > > Because of missing shell quoting, I think that anybody could also run > any shell command with backuppc rights...
That's right. I fixed this quite some time ago in CVS. I added some additional checking for suspicious arguments. It's part of 3.2.0beta0. Craig ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ BackupPC-devel mailing list BackupPC-devel@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-devel Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
