Date: Sun, 25 Jul 2004 18:03:57 -0300 From: =?ISO-8859-1?Q?Jos=E9_de_Paula?= <espinafre@gmail.com> To: freebsd-hackers@freebsd.org Subject: Re: [PATCH] basic modelines for contrib/nvi Message-ID: <5ef8c2f0040725140372d192bb@mail.gmail.com> In-Reply-To: <20040719131503.GA12222@stack.nl> References: <5ef8c2f004071419517bdc9f3e@mail.gmail.com> <20040718135541.GA28115@gothmog.gr> <5ef8c2f0040718144648b49ff6@mail.gmail.com> <20040719131503.GA12222@stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 19 Jul 2004 15:15:04 +0200, Jilles Tjoelker <jilles@stack.nl> wrote: <snip> > > There are some options which can pose a security risk, including but not > limited to cdpath, tempdir, path and shell. You should make a list of > "safe" options and only allow those in modelines. Thanks for the feedback, stay tuned for nvi modelines improvement! As soon as I have enough time, I'm going to take some forbidden options (for now, they are cdpath, directory, shell, backup and path. Please tell me what other options would be unsafe) and quietly strip them from the modeline.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5ef8c2f0040725140372d192bb>