I don't like the lack of array-based exec (it uses %x{cmd arg arg}, which is `cmd arg arg`, which could lead to shell escapes) but it seems self-contained (i.e. "arg" only ever comes from system output). I think the tool looks very fragile as it depends strongly on the output format of various system tools, so it may become a pain for backporting if that ever happens. Since it's mostly just a puppet dep, I think this will be okay. +1
** Changed in: facter (Ubuntu) Status: New => In Progress -- Main Inclusion Report for facter. https://bugs.launchpad.net/bugs/408402 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs