diff options
author | fergus.henderson@gmail.com <fergus.henderson@gmail.com@01de4be4-8c4a-0410-9132-4925637da917> | 2012-05-03 20:58:24 +0000 |
---|---|---|
committer | fergus.henderson@gmail.com <fergus.henderson@gmail.com@01de4be4-8c4a-0410-9132-4925637da917> | 2012-05-03 20:58:24 +0000 |
commit | 9eccd66520a26aecc26dd192ace621208e1d7212 (patch) | |
tree | 2b9f3bb41085c5986b52b173da446eef64b71b18 | |
parent | f7a991a54cc041bf0e71697f1987ab4fb46ca7da (diff) | |
download | distcc-9eccd66520a26aecc26dd192ace621208e1d7212.tar.gz |
Fix for distcc issue 109 <http://code.google.com/p/distcc/issues/detail?id=109>:
Apply a patch from Debian that was forwarded upstream by mandyke.
The patch fixes a potential security problem in pump wrapper
(pump.in). If PYTHONPATH were originally unset or empty, the current working
directory would be added to PYTHONPATH, which is a security risk.
git-svn-id: http://distcc.googlecode.com/svn/trunk@768 01de4be4-8c4a-0410-9132-4925637da917
-rwxr-xr-x | pump.in | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -295,7 +295,7 @@ StartIncludeServer() { # of one asterisk) without filename expansion. eval \ "PYTHONOPTIMIZE='$PYTHONOPTIMIZE' " \ - "PYTHONPATH='$pythonpath::$PYTHONPATH' " \ + "PYTHONPATH='$pythonpath${PYTHONPATH:+:$PYTHONPATH}' " \ "'$PYTHON'" \ "'$include_server'" \ --port "'$socket'" \ |