On Tue, 25.03.14 01:46, David Härdeman (da...@hardeman.nu) wrote: > So yes, I think they're related...as in they are independent > implementations of the same thing :)
Would be great on settle on a common implementation... ;-) > >Also, please use strappend() for cases like this, where we just want to > >concatenate two strings. > > > >That said, I wodner, if we should escape the second part of the string, > >just to be sure. Using cescape() here would suffice? > > And risk breaking backward compatibility? (I was too lazy to check > exactly what cescape() handles right now)... Well, I mostly care for what is written in the drop-in snippet. The idea is that the receiving side would unescape the thing again. There's cescape() and cunespace() already defined, which should make this easy. > The "name" (second part of the string) comes from /etc/crypttab, which > is writeable by root only on any sane system? (otherwise it'd be dead > easy to insert a keyscript in between which does some keylogging). Well, it's fine if crypttab doesn't do escaping, but when we write it to the snippet and when we read it I think we should do the escaping, since the whole logic might end up being used in other cases where a password is queried, too. The id used here, is after all foreign to the password api stuff, it just passes it along, hence it should maybe just escape the whole thing, and pass it through, and that would be it. Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
