Issue 6 in django-pki: Openssl fields escaping

4 views
Skip to first unread message

djang...@googlecode.com

unread,
Apr 5, 2010, 12:04:54 AM4/5/10
to djang...@googlegroups.com
Status: Accepted
Owner: lwarxx
Labels: Type-Defect Priority-Medium

New issue 6 by lwarxx: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

We should review all code which passes cleaned form fields to openssl
executable.

For example, try this one for the password field:

" >/tmp/1.txt #

We might consider using stdin or temporary files, or at least state this
issue in documentation.

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

djang...@googlecode.com

unread,
Apr 5, 2010, 12:38:20 AM4/5/10
to djang...@googlegroups.com

Comment #1 on issue 6 by lwarxx: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

Maybe shell=True in subprocess.Popen calls isn't necessary?

djang...@googlecode.com

unread,
Apr 6, 2010, 6:52:32 AM4/6/10
to djang...@googlegroups.com
Updates:
Owner: d.k3rwin

Comment #2 on issue 6 by d.k3rwin: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

(No comment was entered for this change.)

djang...@googlecode.com

unread,
Apr 9, 2010, 8:30:25 AM4/9/10
to djang...@googlegroups.com
Updates:
Status: Fixed

Comment #3 on issue 6 by d.k3rwin: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

Fixed by checkin 36. ENV variable to Popen is now used

Reply all
Reply to author
Forward
0 new messages