diff options
author | P. J. McDermott <pj@pehjota.net> | 2015-12-07 17:54:51 (EST) |
---|---|---|
committer | P. J. McDermott <pj@pehjota.net> | 2015-12-07 17:54:51 (EST) |
commit | 65efea4d3a28c866f42d09b73e17afdf56b44f2e (patch) | |
tree | dfb8bb4cabf396bbd77a1931d294654a461eb5ed /src/cmd | |
parent | a1abe55bbfd39a8d9a8722c596aceac8941e171a (diff) |
cmd_*_main(): Load /etc/os-release in a subshell
Limit the effects of this sort of arbitrary code execution, or at least
avoid cluttering the namespace.
Diffstat (limited to 'src/cmd')
-rw-r--r-- | src/cmd/build.sh | 3 | ||||
-rw-r--r-- | src/cmd/opkg.sh | 3 | ||||
-rw-r--r-- | src/cmd/shell.sh | 3 |
3 files changed, 3 insertions, 6 deletions
diff --git a/src/cmd/build.sh b/src/cmd/build.sh index 8d12691..1d2f232 100644 --- a/src/cmd/build.sh +++ b/src/cmd/build.sh @@ -70,8 +70,7 @@ cmd_build_main() cmd_build_pkg_dir="${arg}" done - . "${root}/etc/os-release" - profile_set "${ID}" + profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")" if ! [ -d "${cmd_build_pkg_dir}" ]; then error 2 "$(get_msg 'cmd_build_not_a_dir')" \ diff --git a/src/cmd/opkg.sh b/src/cmd/opkg.sh index e1fc8ce..44a22bd 100644 --- a/src/cmd/opkg.sh +++ b/src/cmd/opkg.sh @@ -78,8 +78,7 @@ cmd_opkg_main() fi done - . "${root}/etc/os-release" - profile_set "${ID}" + profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")" session_begin "${root}" . cmd_opkg_fini false diff --git a/src/cmd/shell.sh b/src/cmd/shell.sh index 468da0f..f6eb3d3 100644 --- a/src/cmd/shell.sh +++ b/src/cmd/shell.sh @@ -37,8 +37,7 @@ cmd_shell_main() root="$(block_mount "${dev}")" fi - . "${root}/etc/os-release" - profile_set "${ID}" + profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")" session_begin "${root}" . : false if [ ${#} -eq 0 ]; then |