diff options
| author | Ayush Agarwal <ayushnix@fastmail.com> | 2022-02-19 22:28:16 +0530 |
|---|---|---|
| committer | Ayush Agarwal <ayushnix@fastmail.com> | 2022-02-19 22:48:32 +0530 |
| commit | 364fea9a1d348e3fefa3fa189062e5c6a669b3e2 (patch) | |
| tree | ade23b1dff8a47cd3d36fef45a78b80998ab037b | |
| parent | c628b73022a3bc75cfeb3b565f84904577e6e167 (diff) | |
refactor: add optional patch to set explicit paths
if someone wants to set explicit and not execute arbitrary binaries,
they can patch tessen using this file
| -rw-r--r-- | explicit_path.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/explicit_path.patch b/explicit_path.patch new file mode 100644 index 0000000..ed1e404 --- /dev/null +++ b/explicit_path.patch @@ -0,0 +1,20 @@ +diff --git a/tessen b/tessen +index fd5e6fd..d500141 100755 +--- a/tessen ++++ b/tessen +@@ -1,4 +1,4 @@ +-#!/usr/bin/env bash ++#!/bin/bash + # SPDX-License-Identifier: GPL-2.0-or-later + # Copyright (C) 2021 Ayush Agarwal <ayushnix at fastmail dot com> + # +@@ -7,6 +7,9 @@ + # tessen - a data selection interface for pass and gopass on Wayland + # ------------------------------------------------------------------------------ + ++# set the path explicitly to avoid executing arbitrary user owned binaries ++export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ++ + # don't leak password data if debug mode is enabled + set +x + |