RE: [e-smith-devinfo] Custom panel error

Tue, 10 Dec 2002 13:52:47 -0800 

Abe,

You can un-taint $iso by adding something like the following prior to your
system call



my $iso = $q->param ('whatever your parameter is');
        if ($iso =~ /^([a-z][\-\_\.a-z0-9]*)$/)
        {
        $iso = $1;
        }
        else
        {
         print $q->p ("Error: unexpected characters in ISO name \"$iso\".");
        return;
        }

Jon Blakely

> -----Original Message-----
> From: Abe Loveless [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, December 11, 2002 8:16 AM
> To: 'e-smith-devinfo'
> Subject: [e-smith-devinfo] Custom panel error
>
>
>
> I'm working on a custom panel for the mkCDrec package.
> http://mkcdrec.ota.be/project/index.html
>
> One of my sub-routines returns this error from the server-manager.
>
> <ERROR>
> Software error:
> Insecure dependency in system while running with -T switch at
> /etc/e-smith/web/panels/manager/cgi-bin/mkcdrec line 278.
>
> For help, please send mail to the webmaster
> ([EMAIL PROTECTED]), giving this error message and the time
> and date of the error.
> </ERROR>
>
>
> The devinfo archive didn't return any results.  (at lease "insecure
> dependency" didn't)
>
> The forum's returned this thread:
> http://www.e-smith.org/bboard//read.php?v=t&f=1&i=1235&t=1216
>
> The forum thread references an e-smith 4.0 bug.
>
>
> The line referenced in the error is the following:
>       system ("/bin/rm -f /opt/utilities/mkcdrec/backup_archive/".
> $iso) == 0
>               or die ("Error occurred while removing ". $iso ."\n");
>
> I'm trying to delete the backup iso image from my backup archive.
>
>
> Any thoughts on what this error refers to, or where I can go
> to find the
> answer?
>
> Thanks,
> Abe
>
>
>
>
>
>
>
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.427 / Virus Database: 240 - Release Date: 12/6/2002
>
>
>
> --
> Please report bugs to [EMAIL PROTECTED]
> Please mail [EMAIL PROTECTED] (only) to discuss security issues
> Support for registered customers and partners to [EMAIL PROTECTED]
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> Searchable archive at
> http://www.mail-archive.com/devinfo%40lists.e-smith.org
>
>
>


--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Searchable archive at http://www.mail-archive.com/devinfo%40lists.e-smith.org

Reply via email to