diff options
| author | kay.sievers@vrfy.org <kay.sievers@vrfy.org> | 2005-03-27 00:15:07 +0100 |
|---|---|---|
| committer | Greg KH <gregkh@suse.de> | 2005-04-26 23:54:59 -0700 |
| commit | 18614ab25d4208749a3d85ced33acc6679c60fce (patch) | |
| tree | 4c91a9edc1bb542e9028216046f665c8fde16c60 /test | |
| parent | 61b1b7069f7a640e1952dce3c6de97034ef7c4fe (diff) | |
[PATCH] remove untrusted chars read from sysfs-values or returned by PROGRAM
Better remove characters that are useless in a device node name.
It may be a security risk to pass any character read from e.g. a
sysfs attribute to a shell script we execute later.
Prevent the modification of the libsysfs attribute value
cache.
Clear PROGRAM result if the execution encountered an error.
Diffstat (limited to 'test')
| -rw-r--r-- | test/udev-test.pl | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/test/udev-test.pl b/test/udev-test.pl index 50ea5858a4..5d7c5e5b81 100644 --- a/test/udev-test.pl +++ b/test/udev-test.pl @@ -1215,6 +1215,15 @@ BUS=="scsi", KERNEL=="sda1", ENV{ENV_KEY_TEST}=="test", ENV{ACTION}=="add", ENV{ BUS=="scsi", KERNEL=="sda1", ENV{ENV_KEY_TEST}=="bad", NAME="bad" EOF }, + { + desc => "untrusted string sanitize", + subsys => "block", + devpath => "/block/sda/sda1", + exp_name => "sane", + rules => <<EOF +BUS=="scsi", KERNEL=="sda1", PROGRAM=="/bin/echo -e name; (/sbin/badprogram)", RESULT="name_ _/sbin/badprogram_", NAME="sane" +EOF + }, ); # set env |