* José de Paula <[EMAIL PROTECTED]> [2004-07-25 18:03 -0300]: > On Mon, 19 Jul 2004 15:15:04 +0200, Jilles Tjoelker <[EMAIL PROTECTED]> wrote: > <snip> > > > > There are some options which can pose a security risk, including but not > > limited to cdpath, tempdir, path and shell. You should make a list of > > "safe" options and only allow those in modelines. > > Thanks for the feedback, stay tuned for nvi modelines improvement! As > soon as I have enough time, I'm going to take some forbidden options > (for now, they are cdpath, directory, shell, backup and path. Please > tell me what other options would be unsafe) and quietly strip them > from the modeline.
Please follow the above suggestion and make a list of safe options and disallow everything else. Nicolas _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
