mirror/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2026-01-24 23:40:18 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
33c6d5570e2b6c569a1f3dcbcfe9d17fdfd4b58c
fdroidserver/hooks
History
Hans-Christoph Steiner b851d49d24 shell=True is too dangerous to allow; there are unfiltered user inputs 
There are all sorts of unfiltered user inputs like tag and branch names in
source repos.  If those names are fed into popen calls that use shell=True,
that opens up a wide range of exploits.  All core operations should never
use shell=True.
2018-01-26 10:18:41 +01:00
..
install-hooks.sh
Add pre-commit hook with installer
2014-05-28 09:28:28 +02:00
pre-commit
shell=True is too dangerous to allow; there are unfiltered user inputs
2018-01-26 10:18:41 +01:00