[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] On resetting passwords

From: Ineiev
Subject: Re: [Savannah-hackers-public] On resetting passwords
Date: Sun, 23 Apr 2017 02:21:56 -0400
User-agent: Mutt/1.5.21 (2010-09-15)

On Sat, Apr 08, 2017 at 08:20:45AM -0400, Ineiev wrote:
> On Sun, Mar 19, 2017 at 01:19:05PM -0400, Ineiev wrote:
> >
> > I'll need more hints to address points 3. (what more validation
> > and error checking could be used in the Perl script), 4. (I don't know
> > how we could usefully sanitize GPG input), 5. (how the 'open'
> > command should escape parameters before executing them as shell
> > commands).
> This is to address points 3. (more checking is added to the Perl
> script) and 5. (a check is added to make sure that key_id is
> a hexadecimal number). I still doubt we really need to run any
> checks on the provided GPG key: typical gpg usage includes
> importing keys from untrusted key servers.

I have no more amendments; if there are no further comments,
I'll push it.

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]