From 65efea4d3a28c866f42d09b73e17afdf56b44f2e Mon Sep 17 00:00:00 2001
From: P. J. McDermott <pj@pehjota.net>
Date: Mon, 07 Dec 2015 17:54:51 -0500
Subject: cmd_*_main(): Load /etc/os-release in a subshell

Limit the effects of this sort of arbitrary code execution, or at least
avoid cluttering the namespace.
---
(limited to 'src/cmd/opkg.sh')

diff --git a/src/cmd/opkg.sh b/src/cmd/opkg.sh
index e1fc8ce..44a22bd 100644
--- a/src/cmd/opkg.sh
+++ b/src/cmd/opkg.sh
@@ -78,8 +78,7 @@ cmd_opkg_main()
 		fi
 	done
 
-	. "${root}/etc/os-release"
-	profile_set "${ID}"
+	profile_set "$(. "${root}/etc/os-release" && printf '%s' "${ID}")"
 
 	session_begin "${root}" . cmd_opkg_fini false
 
--
cgit v0.9.1