[augeas-devel] FreeBSD /etc/rc.conf
Mathieu Arnold
mat at mat.cc
Thu Nov 18 12:20:17 UTC 2010
+--On 18 novembre 2010 11:52:45 +0000 "Richard W.M. Jones"
<rjones at redhat.com> wrote:
| (meant to send this to augeas-devel)
|
| [In response to a private point about shell quoting]
|
| You could ask this question another way: What happens if the new value
| I want to set comes from some external untrusted source, and it
| contains shell metacharacters? Is it the responsibility of the caller
| to escape it correctly, or is this something that Augeas should do?
| If it is the caller that should do it, how should the caller know?
| I can easily see an exploit taking place because some caller was not
| aware of the need to do escaping.
Well, augeas should not escape things, I mean, I have rc.conf looking like
this :
cloned_interfaces=""
ifconfig_le0="up"
# vlan 2025
cloned_interfaces="$cloned_interfaces le0.2025 carp25"
ifconfig_le0_2025="inet 79.143.243.252 netmask 255.255.255.192"
ifconfig_carp25="vhid 25 79.143.243.254 netmask 255.255.255.192 advskew 100"
# vlan 2029
cloned_interfaces="$cloned_interfaces le0.2029 carp29"
ifconfig_le0_2029="inet 193.30.227.140/28"
ifconfig_carp29="vhid 29 193.30.227.142/28 advskew 100"
and it works like a charm :-)
Also, FreeBSD supports files in /etc/rc.conf.d/* which are specific to one
service, and on one, I have :
# cat /etc/rc.conf.d/radiusd
radiusd_enable="yes"
export LD_PRELOAD=/usr/local/lib/perl5/5.8.9/mach/CORE/libperl.so
#
:-)
--
Mathieu Arnold
More information about the augeas-devel
mailing list