summaryrefslogtreecommitdiffstats
path: root/src/cmd
diff options
context:
space:
mode:
authorP. J. McDermott <pj@pehjota.net>2015-12-07 17:54:51 (EST)
committer P. J. McDermott <pj@pehjota.net>2015-12-07 17:54:51 (EST)
commit65efea4d3a28c866f42d09b73e17afdf56b44f2e (patch)
treedfb8bb4cabf396bbd77a1931d294654a461eb5ed /src/cmd
parenta1abe55bbfd39a8d9a8722c596aceac8941e171a (diff)
cmd_*_main(): Load /etc/os-release in a subshell
Limit the effects of this sort of arbitrary code execution, or at least avoid cluttering the namespace.
Diffstat (limited to 'src/cmd')
-rw-r--r--src/cmd/build.sh3
-rw-r--r--src/cmd/opkg.sh3
-rw-r--r--src/cmd/shell.sh3
3 files changed, 3 insertions, 6 deletions
diff --git a/src/cmd/build.sh b/src/cmd/build.sh
index 8d12691..1d2f232 100644
--- a/src/cmd/build.sh
+++ b/src/cmd/build.sh
@@ -70,8 +70,7 @@ cmd_build_main()
cmd_build_pkg_dir="${arg}"
done
- . "${root}/etc/os-release"
- profile_set "${ID}"
+ profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")"
if ! [ -d "${cmd_build_pkg_dir}" ]; then
error 2 "$(get_msg 'cmd_build_not_a_dir')" \
diff --git a/src/cmd/opkg.sh b/src/cmd/opkg.sh
index e1fc8ce..44a22bd 100644
--- a/src/cmd/opkg.sh
+++ b/src/cmd/opkg.sh
@@ -78,8 +78,7 @@ cmd_opkg_main()
fi
done
- . "${root}/etc/os-release"
- profile_set "${ID}"
+ profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")"
session_begin "${root}" . cmd_opkg_fini false
diff --git a/src/cmd/shell.sh b/src/cmd/shell.sh
index 468da0f..f6eb3d3 100644
--- a/src/cmd/shell.sh
+++ b/src/cmd/shell.sh
@@ -37,8 +37,7 @@ cmd_shell_main()
root="$(block_mount "${dev}")"
fi
- . "${root}/etc/os-release"
- profile_set "${ID}"
+ profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")"
session_begin "${root}" . : false
if [ ${#} -eq 0 ]; then