Re: Untrusted search path vulnerabilities
Hello, everybody,
On Mon, Nov 22, 2010 at 08:36:59AM +0100, Vincent Bernat wrote:
> OoO Vers la fin de l'après-midi du dimanche 21 novembre 2010, vers
> 16:37, Filippo Rusconi <listes.rusconi@laposte.net> disait :
>
> > OK, so I may test if the content of the PYTHONPATH variable is empty
> > the way below, so that I can set the path in differenciated manners :
>
> > ~~~~~~~~~~ start-script ~~~~~~~~~~~
>
> > #!/bin/sh
>
> > # Only append ${PYTHONPATH} if it actually contains something. Thus,
> > # test the length of the string in PYTHONPATH.
> > if [ "${#PYTHONPATH}" = "0" ]
> > then
> > PYTHONPATH=/usr/lib/mmass/mspy/plot
> > else
> > PYTHONPATH=/usr/lib/mmass/mspy/plot:${PYTHONPATH}
> > fi
> > export PYTHONPATH
>
> A shorter version:
>
> export PYTHONPATH=/usr/lib/mmass/mspy/plot${PYTHONPATH:+:${PYTHONPATH}}
Thanks a lot to Chow Loong Jin <hyperair@ubuntu.com> and Vincent
Bernat <bernat@debian.org> for the suggestion, which I'll implement as
soon as possible.
Cheers,
Filippo
--
Filippo Rusconi, PhD - CNRS - public key C78F687C
Author of ``massXpert'' at http://www.massxpert.org
Reply to: