[Commotion-admin] [commotion-apps] Consider re-writing the commotion-service-parser Bash script in another scripting language such as Python and running this script as a low-rights user (#14)
areynold
notifications at github.com
Mon Sep 9 20:40:55 UTC 2013
A large number of dangerous shell functions, complex parsing methods and other risks contribute to this recommendation. This should also be considered high-risk code, as the output from avahi-client is parsed, and such data is shared and broadcast between routers. If a vulnerability is located within this code, it may allow a single attacker or compromised mesh Ad-Hoc network to take control of all the mesh routers.
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/commotion-apps/issues/14
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20130909/4e164655/attachment-0001.html>
More information about the Commotion-admin
mailing list