mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-04-24 02:58:57 -05:00
Code Issues Packages Projects Releases Wiki Activity

Wrap getUserShell() call with escapeshellarg() for additional security

Browse Source
This commit is contained in:
donbuehl
2024-08-20 09:08:31 +02:00
parent d7b4dfd44b
commit 7e6ad9512d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
emhttp/plugins/dynamix/include/OpenTerminal.php
+1 -1
View File
@@ -73,7 +73,7 @@ case 'ttyd':
// no child processes, restart ttyd to pick up possible font size change
if ($retval != 0) exec("kill ".$ttyd_pid[0]);
}
if ($retval != 0) exec("ttyd-exec -i '$sock' " . getUserShell() . " --login");
if ($retval != 0) exec("ttyd-exec -i '$sock' " . escapeshellarg(getUserShell()) . " --login");
break;
case 'syslog':
// read syslog file