cgi-bin/text-to-html-filter.cgi: security check on path prefix
This commit is contained in:
parent
ba336825f1
commit
9a8139f571
@ -4,7 +4,7 @@ ext=${file/*.}
|
||||
range=10000
|
||||
filename="/var/www/www.openmamba.org/$file"
|
||||
filename_check=`readlink -f $filename`
|
||||
[ "${filename_check:0:27}" = "/mnt/sdc1/ftp/pub/openmamba" ] || exit 0
|
||||
[ "${filename_check:0:22}" = "/var/ftp/pub/openmamba" ] || exit 0
|
||||
if [ "$page" ]; then
|
||||
[ $page -gt 0 ] || page=1
|
||||
else
|
||||
|
Loading…
Reference in New Issue
Block a user