On Wed, Mar 01, 2006 at 03:33:41PM -0500, Lowell Gilbert wrote: > Scott Long <scottl_at_samsco.org> writes: > > > Maxime Henrion wrote: > > > Hey all, > > > I have released a new snapshot of csup a few minutes ago, > > > > [...] > > > > > - Executes (shell commands sent by the server, even more rarely > > > used), > > > > Are you joking? > > Are you asking whether he's joking about (1) the idea of ever > implementing it, (2) the fact that he hasn't done it yet, or > (3) the idea that it's rarely used? All of those sound > reasonable to me... I'm questioning (1) myself. This just seems like a bad idea from a security perspective. Of course, some kind of sanitization could mitigate the issue. -- WXSReceived on Wed Mar 01 2006 - 20:10:56 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:52 UTC