[ aramo ]
[ Pakiet źródłowy: golang-github-cli-safeexec ]
Pakiet: golang-github-cli-safeexec-dev (1.0.0-2)
Odnośniki dla golang-github-cli-safeexec-dev
Zasoby systemu Trisquel:
- Install using apturl
- Entry at directory.fsf.org
- Raporty o błędach
- Changelog
- Informacje nt. praw autorskich
Pobieranie pakietu źródłowego golang-github-cli-safeexec:
- [golang-github-cli-safeexec_1.0.0-2.dsc]
- [golang-github-cli-safeexec_1.0.0.orig.tar.gz]
- [golang-github-cli-safeexec_1.0.0-2.debian.tar.xz]
Opiekun:
Original Maintainers:
- Debian Go Packaging Team
- Anthony Fok
Zasoby zewnętrzne:
- Strona internetowa [github.com]
Podobne pakiety:
safer version of exec.LookPath on Windows
safeexec is a Go module that provides a safer alternative to exec.LookPath() on Windows.
The following, relatively common approach to running external commands has a subtle vulnerability on Windows:
import "os/exec"
func gitStatus() error {
// On Windows, this will result in .\git.exe or .\git.bat being executed
// if either were found in the current working directory.
cmd := exec.Command("git", "status") return cmd.Run()
}
Searching the current directory (surprising behavior) before searching folders listed in the PATH environment variable (expected behavior) seems to be intended in Go and unlikely to be changed: https://github.com/golang/go/issues/38736
Since Go does not provide a version of exec.LookPath() that only searches PATH and does not search the current working directory, this module provides a LookPath function that works consistently across platforms.
Example use:
import (
"os/exec" "github.com/cli/safeexec"
)
func gitStatus() error {
gitBin, err := safeexec.LookPath("git")
if err != nil {
return err
}
cmd := exec.Command(gitBin, "status")
return cmd.Run()
}
Pobieranie golang-github-cli-safeexec-dev
| Architektura | Rozmiar pakietu | Rozmiar po instalacji | Pliki |
|---|---|---|---|
| all | 5,2 KiB | 31 KiB | [lista plików] |