tessen

default description
git clone https://git.awy.one/tessen.git
Log | Files | Refs | README | LICENSE
commit 364fea9a1d348e3fefa3fa189062e5c6a669b3e2
parent c628b73022a3bc75cfeb3b565f84904577e6e167
Author: Ayush Agarwal <ayushnix@fastmail.com>
Date:   Sat, 19 Feb 2022 22:28:16 +0530

refactor: add optional patch to set explicit paths

if someone wants to set explicit and not execute arbitrary binaries,
they can patch tessen using this file

Diffstat:

Aexplicit_path.patch | 20++++++++++++++++++++


1 file changed, 20 insertions(+), 0 deletions(-)

diff --git a/explicit_path.patch b/explicit_path.patch
@@ -0,0 +1,20 @@
+diff --git a/tessen b/tessen
+index fd5e6fd..d500141 100755
+--- a/tessen
++++ b/tessen
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env bash
++#!/bin/bash
+ # SPDX-License-Identifier: GPL-2.0-or-later
+ # Copyright (C) 2021 Ayush Agarwal <ayushnix at fastmail dot com>
+ #
+@@ -7,6 +7,9 @@
+ # tessen - a data selection interface for pass and gopass on Wayland
+ # ------------------------------------------------------------------------------
+ 
++# set the path explicitly to avoid executing arbitrary user owned binaries
++export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
++
+ # don't leak password data if debug mode is enabled
+ set +x
+