Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

90captive_portal_test: drop insecure PATH elements #39

Open
decathorpe opened this issue Oct 17, 2018 · 0 comments
Open

90captive_portal_test: drop insecure PATH elements #39

decathorpe opened this issue Oct 17, 2018 · 0 comments

Comments

@decathorpe
Copy link
Member

@decathorpe decathorpe commented Oct 17, 2018

The fedora package security check complains about this:

   "code" : "SuspiciousPath",
   "context" : {
      "excerpt" : [
         "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      ],
      "path" : "/etc/NetworkManager/dispatcher.d/90captive_portal_test"
   },
   "diag" : "Potentially insecure PATH element <tt>/local</tt>",
   "subpackage" : "elementary-capnet-assist"

I think that means it wants /usr/local/sbin and /usr/local/bin removed from the PATH variable.

I guess those PATH entries are there because they are / were useful for testing or debugging ... but for release builds, they should be dropped.


Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

CameronNemo added a commit to CameronNemo/capnet-assist that referenced this issue Oct 18, 2018
* No longer redefine path (closes elementary#39)
* Detect captive portal in-script
* Wait for gnome-session rather than nm-applet
* Timeout after 90s of waiting
* Switch from su to runuser
CameronNemo added a commit to CameronNemo/capnet-assist that referenced this issue Oct 18, 2018
* No longer redefine path (closes elementary#39)
* Detect captive portal in-script
* Wait for gnome-session rather than nm-applet
* Timeout after 90s of waiting
* Switch from su to runuser
CameronNemo added a commit to CameronNemo/capnet-assist that referenced this issue Feb 5, 2019
* No longer redefine path (closes elementary#39)
* Detect captive portal in-script
* Wait for gnome-session rather than nm-applet
* Timeout after 90s of waiting
* Switch from su to runuser
CameronNemo added a commit to CameronNemo/capnet-assist that referenced this issue Feb 6, 2019
* No longer redefine path (closes elementary#39)
* Detect captive portal in-script
* Wait for gnome-session rather than nm-applet
* Timeout after 90s of waiting
* Switch from su to runuser
CameronNemo added a commit to CameronNemo/capnet-assist that referenced this issue Feb 6, 2019
* No longer redefine path (closes elementary#39)
* Detect captive portal in-script
* Wait for gnome-session rather than nm-applet
* Timeout after 90s of waiting
* Switch from su to runuser
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

1 participant