The default configuration lets a user run every system command
Bug #540934 reported by
Luke Faraone
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| lshell (Debian) |
Fix Released
|
Unknown
|
|||
| lshell (Ubuntu) |
Fix Released
|
High
|
Luke Faraone | ||
Bug Description
Binary package hint: lshell
Forwarded from Debian: "In example I can run "echo $(/bin/sh)" or "echo $(/bin/su)", or every other command."
Related branches
lp:~lfaraone/ubuntu/lucid/lshell/lp540934
- James Westby (community): Approve
- Luke Faraone: Needs Resubmitting
- Benjamin Drung: Needs Fixing
-
Diff: 52 lines (+22/-1)4 files modifieddebian/changelog (+8/-0)
debian/control (+2/-1)
debian/patches/forbidden-chars.patch (+11/-0)
debian/patches/series (+1/-0)
| visibility: | private → public |
| Changed in lshell (Ubuntu): | |
| assignee: | nobody → Luke Faraone (lfaraone) |
| Changed in lshell (Ubuntu): | |
| importance: | Undecided → High |
| status: | New → Triaged |
| Changed in lshell (Debian): | |
| status: | Unknown → Fix Released |
Revision history for this message
| Benjamin Drung (bdrung) wrote | #1 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in lshell (Ubuntu): | |
| status: | Triaged → Fix Released |
To post a comment you must log in.
unsubscribing ubuntu-sponsors, please resubscribe once you have addressed the points mentioned in the merge request