On 04-06-10 13:40, Mark Burgess wrote:
>
> It is a security risk to accept any file as input to a program that has root
> privilege.
> If you work around this, do so at your own risk.
>
Mark i agree with Vasiliy. I had a former discussion about this a couple a
months ago. Somebody said also it is a security risk. I do not agree with
it. You have to be some kind of adminstrator to put files in this
directory. So if somebody can put a file here. You have already a security
risk. If you have methods input files it can be handy to have a glob input
statement.
Maybe we can make option for it. default is no and if you want this
feature it can be turned on.
> Vasiliy G Tolstov wrote:
>> В Птн, 04/06/2010 в 13:12 +0400, Vasiliy G Tolstov пишет:
>>> How can i use * pattern in inputs?
>>>
>>> I do not want to specify all files in config file, rather i want to
>>> inputs => { "xxx/*.cf" };
>>>
>>> (cfengine 3.0.4)
>>>
>>
>> Ok. Because authors of cfengine not like * in inputs, work around:
>> "soft" slist =>
>> splitstring(execresult("/usr/bin/find /var/cfengine/inputs/soft/ -type f
>> -and -name '*.cf'","noshell")," ",99999999);
>>
>>
>> But my question - why not add this feature to cfengine?
>>
>
--
********************************************************************
* Bas van der Vlies e-mail: [email protected] *
* SARA - Academic Computing Services Amsterdam, The Netherlands *
********************************************************************
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
