From owner-freebsd-hackers@FreeBSD.ORG  Sun Jul 25 21:04:06 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 36A0616A4CE
	for <freebsd-hackers@freebsd.org>;
	Sun, 25 Jul 2004 21:04:06 +0000 (GMT)
Received: from mproxy.gmail.com (rproxy.gmail.com [64.233.170.203])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DA25A43D49
	for <freebsd-hackers@freebsd.org>;
	Sun, 25 Jul 2004 21:04:05 +0000 (GMT)
	(envelope-from espinafre@gmail.com)
Received: by mproxy.gmail.com with SMTP id m69so56109rne
	for <freebsd-hackers@freebsd.org>;
	Sun, 25 Jul 2004 14:04:05 -0700 (PDT)
Received: by 10.38.163.63 with SMTP id l63mr601rne;
        Sun, 25 Jul 2004 14:04:00 -0700 (PDT)
Message-ID: <5ef8c2f0040725140372d192bb@mail.gmail.com>
Date: Sun, 25 Jul 2004 18:03:57 -0300
From: =?ISO-8859-1?Q?Jos=E9_de_Paula?= <espinafre@gmail.com>
To: freebsd-hackers@freebsd.org
In-Reply-To: <20040719131503.GA12222@stack.nl>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
References: <5ef8c2f004071419517bdc9f3e@mail.gmail.com>
	<20040718135541.GA28115@gothmog.gr>
	<5ef8c2f0040718144648b49ff6@mail.gmail.com> <20040719131503.GA12222@stack.nl>
Subject: Re: [PATCH] basic modelines for contrib/nvi
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Jul 2004 21:04:06 -0000

On Mon, 19 Jul 2004 15:15:04 +0200, Jilles Tjoelker <jilles@stack.nl> wrote:
<snip>
> 
> There are some options which can pose a security risk, including but not
> limited to cdpath, tempdir, path and shell. You should make a list of
> "safe" options and only allow those in modelines.

Thanks for the feedback, stay tuned for nvi modelines improvement! As
soon as I have enough time, I'm going to take some forbidden options
(for now, they are cdpath, directory, shell, backup and path. Please
tell me what other options would be unsafe) and quietly strip them
from the modeline.