5 Nov
2009
5 Nov
'09
5:07 p.m.
On Thu, Nov 5, 2009 at 13:03, Aaron Griffin <aaronmgriffin@gmail.com> wrote:
I was thinking more along the lines of:
Original: eval $(grep '^SRCDEST=' /etc/makepkg.conf)
SRCDEST=$(grep '^SRCDEST=' /etc/makepkg.conf | cut -d= -f2) PKGDEST=$(grep '^PKGDEST=' /etc/makepkg.conf | cut -d= -f2)
I believe that should work... Make sure to throw in a -d -w check after, to make sure it's right... I think a malicious line (".. && rm -rf /") would simply get stored as a string.. as long as we quote everything properly and unset it if it's not right, I'm pretty sure it's not dangerous. It could however, fail in cases where it's split over multiple lines. I don't think that's a reason not to do it though, I can't imagine a reason for such a thing.