| Thread overview |
|---|
February 21, 2007 [Issue 989] New: Security hole | ||||
|---|---|---|---|---|
| ||||
 | http://d.puremagic.com/issues/show_bug.cgi?id=989 Summary: Security hole Product: D Version: 1.007 Platform: PC OS/Version: Windows Status: NEW Severity: normal Priority: P2 Component: DMD AssignedTo: bugzilla@digitalmars.com ReportedBy: maxter@i.com.ua -- | |||
Permalink
ReplyFebruary 21, 2007 [Issue 989] Security hole | ||||
|---|---|---|---|---|
| ||||
Posted in reply to d-bugmail | http://d.puremagic.com/issues/show_bug.cgi?id=989 ------- Comment #1 from fvbommel@wxs.nl 2007-02-21 03:44 ------- A bit more information would probably be helpful... -- | |||
February 21, 2007 [Issue 989] Security hole | ||||
|---|---|---|---|---|
| ||||
Posted in reply to d-bugmail | http://d.puremagic.com/issues/show_bug.cgi?id=989 ------- Comment #2 from maxter@i.com.ua 2007-02-21 04:02 ------- Sorry, I just pushed the wrong button. The issue is that import() allows to escape to -Jpath's parent directories if "../" is used in import file name. But please don't disallow relative paths to subdirectories of -Jpath. -- | |||
March 19, 2007 [Issue 989] Security hole | ||||
|---|---|---|---|---|
| ||||
Posted in reply to d-bugmail | http://d.puremagic.com/issues/show_bug.cgi?id=989 bugzilla@digitalmars.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #3 from bugzilla@digitalmars.com 2007-03-19 18:51 ------- This is disallowed in 1.009. -- | |||
Copyright © 1999-2021 by the D Language Foundation