[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] On resetting passwords

From: Ineiev
Subject: Re: [Savannah-hackers-public] On resetting passwords
Date: Sat, 8 Apr 2017 08:20:45 -0400
User-agent: Mutt/1.5.21 (2010-09-15)

On Sun, Mar 19, 2017 at 01:19:05PM -0400, Ineiev wrote:
> I'll need more hints to address points 3. (what more validation
> and error checking could be used in the Perl script), 4. (I don't know
> how we could usefully sanitize GPG input), 5. (how the 'open'
> command should escape parameters before executing them as shell
> commands).

This is to address points 3. (more checking is added to the Perl
script) and 5. (a check is added to make sure that key_id is
a hexadecimal number). I still doubt we really need to run any
checks on the provided GPG key: typical gpg usage includes
importing keys from untrusted key servers.

Attachment: 0001-Encrypt-message-with-GPG-key-when-available.patch
Description: Text Data

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]