On Tue, Jan 13, 2004 at 10:07:39AM -0800, Lombard, David N wrote: > You put the 'return "ERROR\n"; line *inside* the foreach loop, you want > it after the loop. With that mod, it works as expected...
gotcha. my worry now becomes one of security - if somehow root's path is set with a NULL component, and root decides to run a SIm command from /tmp, then there's potential for a local (in some cases a remote) user to get some code executed as root. If we are setting $PATH, and screw up by leaving a NULL component, I would consider this a security hole in SIS. If we're just using the already-set $PATH, then I probably wouldn't consider it a hole in SIS - rather, it'd be a mistake on the admin's part. I'm on the fence here - anyone else have an opinion? Sean - I think you originally introduced this into SIS - did you intentionally exclude this property of which, or were you oblivious about it as I was? ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Sisuite-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/sisuite-devel
