[Git-commits] [grml/grml-etc-core] 38a1b6: Handle volatile characters in prompts with prompts...
Frank Terbeck
ft at grml.org
Sat Mar 25 17:47:47 CET 2017
Branch: refs/heads/master
Home: https://github.com/grml/grml-etc-core
Commit: 38a1b613f10a162812ce91075bdf3ec102126dc1
https://github.com/grml/grml-etc-core/commit/38a1b613f10a162812ce91075bdf3ec102126dc1
Author: Frank Terbeck <ft at grml.org>
Date: 2017-03-25 (Sat, 25 Mar 2017)
Changed paths:
M etc/zsh/zshrc
Log Message:
-----------
Handle volatile characters in prompts with promptsubst set
We don't set that option, but users may do it in .zshrc.local or similar.
The issue is that performing expansions on a prompt string is an exploitable
vulnerability, if you do not contol every part the prompt string is made up of.
This is what is demonstrated by
https://github.com/njhartwell/pw3nage
Per default, the code strips [$`] from a final prompt string, so you can't
really take advantage of prompt subst, even though you have it set. If the
prompt_subst option is not set, the code does not kick in at all.
If you want more control over which parts of the prompt are stripped, so you
can take control of prompt_subst, you can do that as well. Here's an example
that only strips the data returned from vcs_info:
zstyle ':prompt:grml:*:items:vcs' strip-sensitive-characters on
zstyle ':prompt:grml:*:setup' strip-sensitive-characters off
Now you can take advantage of prompt_subst in privately defined tokens (even
though I'd use a token that calls a function callback instead of inserting a
string that relies on prompt_subst — but that's just me).
Reported-by: Joerg Jaspert <joerg at debian.org>
More information about the Git-commits
mailing list