[aur-dev] [PATCH] Use bash script to parse pkgbuilds
Callan Barrett
wizzomafizzo at gmail.com
Fri Jun 13 06:11:45 EDT 2008
On Fri, Jun 13, 2008 at 2:17 AM, Sebastian Nowicki <sebnow at gmail.com> wrote:
>
> On 10/06/2008, at 12:16 AM, Callan Barrett wrote:
>>
>> Note to self: restricted mode is apparently not as restricted as it
>> sounds, need to look into that and probably how namcap deals with it.
>
> What do you mean? If the path is set to nothing, executables sare not found,
> so any sort of "rm -rf /" spits out an error. I tested it quite a bit with
> various commands like that - they don't work.
>
> Btw, credit should really go to namcap, I just modified the script that's
> used there.
I understand this all and I've tried it all out too but I'm talking
about the stuff that can get evaluated that's just pure bash now. As
far as I can tell stuff like infinite loops can really screw us over
and it's possible to do things like get a directories contents using
relative paths. It's not really lethal like rm but it's not
particularly good for a server either. (I'm not against this idea
idea, please prove me wrong if you can)
> ps. WWDC is awesome!
Get on Jabber :(
--
Callan Barrett
More information about the aur-dev
mailing list