You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Dec 27, 2023. It is now read-only.
I had to take a look at the postinst script to understand it was caused by my auto-generated setup password containing spaces...
It's somewhat dangerous to use a completely unquoted password there, and also other special characters in the password may cause script failures / syntax error and whatever.
At least, the password should be quoted everywhere where it's used in the script, but in addition, the password selection dialog should explicitly warn about the password being used in unsafe ways in shell scripts and ask to avoid special characters.
A user won't try to perform code injections on her/his own server, of course, but inadvertedly using "wrong" characters in ones password really happens easily.
The text was updated successfully, but these errors were encountered:
Installing the tine20 Debian Package always failed on my system, even after unsetting the LANG variable.
/var/lib/dpkg/info/tine20.postinst: 58: [: pJBBCGS9: unexpected operator
I had to take a look at the postinst script to understand it was caused by my auto-generated setup password containing spaces...
It's somewhat dangerous to use a completely unquoted password there, and also other special characters in the password may cause script failures / syntax error and whatever.
At least, the password should be quoted everywhere where it's used in the script, but in addition, the password selection dialog should explicitly warn about the password being used in unsafe ways in shell scripts and ask to avoid special characters.
A user won't try to perform code injections on her/his own server, of course, but inadvertedly using "wrong" characters in ones password really happens easily.
The text was updated successfully, but these errors were encountered: