Issue 6 in django-pki: Openssl fields escaping

[djang...@googlecode.com]

Status: Accepted
Owner: lwarxx
Labels: Type-Defect Priority-Medium

New issue 6 by lwarxx: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

We should review all code which passes cleaned form fields to openssl
executable.

For example, try this one for the password field:

" >/tmp/1.txt #

We might consider using stdin or temporary files, or at least state this
issue in documentation.

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

[djang...@googlecode.com]

Comment #1 on issue 6 by lwarxx: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

Maybe shell=True in subprocess.Popen calls isn't necessary?

[djang...@googlecode.com]

Updates:
Owner: d.k3rwin

Comment #2 on issue 6 by d.k3rwin: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

(No comment was entered for this change.)

[djang...@googlecode.com]

Updates:
Status: Fixed

Comment #3 on issue 6 by d.k3rwin: Openssl fields escaping
http://code.google.com/p/django-pki/issues/detail?id=6

Fixed by checkin 36. ENV variable to Popen is now used