4 From: Bram Moolenaar <Bram@moolenaar.net>
6 Content-Type: text/plain; charset=ISO-8859-1
7 Content-Transfer-Encoding: 8bit
10 Patch 6.3.082 (after 6.3.081)
11 Problem: Unix: expand() may execute a shell command when it's not wanted.
13 Solution: A more generic solution than 6.3.081.
17 *** ../vim-6.3.081/src/os_unix.c Tue Jul 19 22:31:54 2005
18 --- src/os_unix.c Wed Jul 20 10:54:12 2005
21 if (!have_wildcard(num_pat, pat))
22 return save_patterns(num_pat, pat, num_file, file);
25 * Don't allow the use of backticks in secure and restricted mode.
27 ! if (secure || restricted
28 ! # ifdef HAVE_SANDBOX
32 for (i = 0; i < num_pat; ++i)
33 if (vim_strchr(pat[i], '`') != NULL
34 && (check_restricted() || check_secure()))
36 if (!have_wildcard(num_pat, pat))
37 return save_patterns(num_pat, pat, num_file, file);
39 + # ifdef HAVE_SANDBOX
40 + /* Don't allow any shell command in the sandbox. */
41 + if (sandbox != 0 && check_secure())
46 * Don't allow the use of backticks in secure and restricted mode.
48 ! if (secure || restricted)
49 for (i = 0; i < num_pat; ++i)
50 if (vim_strchr(pat[i], '`') != NULL
51 && (check_restricted() || check_secure()))
52 *** ../vim-6.3.081/src/version.c Tue Jul 19 22:31:54 2005
53 --- src/version.c Wed Jul 20 11:03:50 2005
57 { /* Add new patch number below this line */
63 No letters of the alphabet were harmed in the creation of this message.
65 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
66 /// Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
67 \\\ Project leader for A-A-P -- http://www.A-A-P.org ///
68 \\\ Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html ///