On Fri, Nov 12, 2010 at 6:12 PM, chrysn <[email protected]> wrote:

> PYTHONPATH=/usr/share/sima/:$PYTHONPATH exec /usr/share/sima/mpd_sima.py "$@"

Please use this instead to avoid security issues caused by allowing
python to load modules from the working directory (which may have
untrusted files in it):

PYTHONPATH=/usr/share/sima/${PYTHONPATH:+:$PYTHONPATH} exec /usr/share/sima/mpd_sima.py "$@"

c.f. all the recent LD_LIBRARY_PATH vulnerabilities for the reasoning
behind this.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
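
An added example, not part of the original message: a POSIX sh check of the two assignments above. It shows that the first form leaves a trailing empty element when PYTHONPATH is unset or empty, which is the entry that makes Python search the working directory. The function names are hypothetical, and the caller's PYTHONPATH is passed as an argument so the result does not depend on the environment.

```shell
#!/bin/sh
# Added example; only /usr/share/sima/ comes from the message.

# Form from the quoted wrapper: always appends ":" plus the old value.
naive_path() {
    pp=$1
    printf '%s' "/usr/share/sima/:$pp"
}

# Form from the reply: ${pp:+:$pp} expands to nothing when pp is unset
# or empty, and to ":$pp" otherwise.
safe_path() {
    pp=$1
    printf '%s' "/usr/share/sima/${pp:+:$pp}"
}

# Succeeds if a colon-separated search path has an empty element
# (leading colon, trailing colon, or two colons in a row).
has_empty_entry() {
    case "$1" in
        :*|*:|*::*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample values for the caller's PYTHONPATH: empty and set.
for caller in "" "/opt/constructed/lib"; do
    for form in naive_path safe_path; do
        result=$($form "$caller")
        if has_empty_entry "$result"; then
            verdict="empty element: working directory is searched"
        else
            verdict="no empty element"
        fi
        printf '%-10s caller=%-22s -> %-40s %s\n' \
            "$form" "'$caller'" "$result" "$verdict"
    done
done
```
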

