On Wed, Oct 08, 2014 at 10:02:52AM +0200, Enrico Zini wrote:

> %e, %E and %h look harmful to me in that way, with a risk of opening
> user-exploitable vulnerabilities:

It's also worth mentioning that most of that information can be found
anyway, and in a safer way, via /proc/%p/, but that directory will
disappear as soon as all the core contents have been consumed from
standard input.


Enrico

-- 
GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <[email protected]>


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to