[PATCH 9/9] make-secnet-sites: Do not permit "include" in simple sites files
Ian Jackson
ijackson at chiark.greenend.org.uk
Wed Jul 11 01:10:06 BST 2012
Restrict the "include" directive to the "header" of -u (groupfile
update) mode. Callers who are simply using make-secnet-sites to
transform a (possibly untrusted) sites file into a (to be trusted)
sites.conf file should not have to worry about includes.
"include" directives are already forbidden in group files.
Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
make-secnet-sites | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/make-secnet-sites b/make-secnet-sites
index aa50344..966bb77 100755
--- a/make-secnet-sites
+++ b/make-secnet-sites
@@ -480,7 +480,7 @@ else:
if len(sys.argv)>3:
print "Too many arguments"
sys.exit(1)
- pfilepath(sys.argv[1],allow_include=True)
+ pfilepath(sys.argv[1])
of=sys.stdout
if len(sys.argv)>2:
of=open(sys.argv[2],'w')
--
1.7.2.5
More information about the sgo-software-discuss
mailing list