src/tools.rs: add setup_safe_path_env()

2020-06-15 10:38:30 +02:00 · 2020-06-15 10:38:30 +02:00 · ac7513e368
parent fbbcd85839
commit ac7513e368
4 changed files with 14 additions and 0 deletions
--- a/src/bin/proxmox-backup-api.rs
+++ b/src/bin/proxmox-backup-api.rs
@ -14,6 +14,8 @@ use proxmox_backup::config;
 use proxmox_backup::buildcfg;
 fn main() {
    proxmox_backup::tools::setup_safe_path_env();
    if let Err(err) = proxmox_backup::tools::runtime::main(run()) {
        eprintln!("Error: {}", err);
        std::process::exit(-1);
--- a/src/bin/proxmox-backup-manager.rs
+++ b/src/bin/proxmox-backup-manager.rs
@ -321,6 +321,8 @@ async fn pull_datastore(
 fn main() {
    proxmox_backup::tools::setup_safe_path_env();
    let cmd_def = CliCommandMap::new()
        .insert("acl", acl_commands())
        .insert("datastore", datastore_commands())
--- a/src/bin/proxmox-backup-proxy.rs
+++ b/src/bin/proxmox-backup-proxy.rs
@ -18,6 +18,8 @@ use proxmox_backup::auth_helpers::*;
 use proxmox_backup::tools::disks::{ DiskManage, zfs_pool_stats };
 fn main() {
    proxmox_backup::tools::setup_safe_path_env();
    if let Err(err) = proxmox_backup::tools::runtime::main(run()) {
        eprintln!("Error: {}", err);
        std::process::exit(-1);
--- a/src/tools.rs
+++ b/src/tools.rs
@ -622,3 +622,11 @@ pub fn epoch_now_f64() -> Result<f64, SystemTimeError> {
 pub fn epoch_now_u64() -> Result<u64, SystemTimeError> {
    Ok(epoch_now()?.as_secs())
 }
 pub fn setup_safe_path_env() {
    std::env::set_var("PATH", "/sbin:/bin:/usr/sbin:/usr/bin");
    // Make %ENV safer - as suggested by https://perldoc.perl.org/perlsec.html
    for name in &["IFS", "CDPATH", "ENV", "BASH_ENV"] {
        std::env::remove_var(name);
    }
 }