bareos: master 334cfd5f
| Author | Committer | Branch | Timestamp | Parent | |
|---|---|---|---|---|---|
| master | 2013-05-04 20:34 | master d72cca4b | Pending | ||
| Affected Issues | 0000031: Implementation of an allowed scriptdir keyword | ||||
| Changeset | Implementation of an allowed scriptdir keyword Implement an allowed scriptdir keyword in the filed that sets the directories in which any runscript must be located so we can limit the attack surface of the filedaemon. Currently the filed will execute any script in any directory which makes it a serious security concern by much of the bigger customers security officers. This new keyword implemented per director and a global one which is used as a fallback when a specific one for a specific director is not configured. Fixes 0000031: Implementation of an allowed scriptdir keyword |
||||
| mod - src/lib/runscript.h | Diff File | ||||
| mod - src/lib/runscript.c | Diff File | ||||
| mod - src/filed/job.c | Diff File | ||||
| mod - src/filed/filed_conf.h | Diff File | ||||
| mod - src/filed/filed_conf.c | Diff File | ||||
