| Subject: | Security flaw |
mode_shell actually uses the shell, thus one can use `STUFF` or $THINGS in a search string and thus execute `STUFF` etc.
At line ~634 this:
chomp (@results = `$locate_cmd`)
should be this, or thereabouts:
open RES,"-|","slocate",'-d',$db,$opt_str,$search_term; chomp( @results=<RES> ); close RES;
At line ~634 this:
chomp (@results = `$locate_cmd`)
should be this, or thereabouts:
open RES,"-|","slocate",'-d',$db,$opt_str,$search_term; chomp( @results=<RES> ); close RES;
This breaks the usage of generate_locate_cmd which should likely be split into executable path and /(-q -d|-q --database=)/ etc.
At this point it seems better to stop using File::Locate(::Harder|) period and simply use code similar to above, as File::Locate seems broken for slocate and does not support mlocate.
[sm]locate itself seems to have broken regexp too =[