Thanks for the quick reply!
On Thu, 16 Feb 2023 15:43:40 +0100
Tomas Kalibera wrote:
> Please see 83851 from earlier today which does a bit more of
> robustification, and if you find any problem in it, please let me
> know.
83851 is an improvement, but it does let single quotes through,
unfort
On 2/16/23 15:43, Tomas Kalibera wrote:
On 2/16/23 15:09, Ivan Krylov wrote:
Hello,
This is probably a very minor point, but R_CleanTempDir may still have
a shell injection in it. I couldn't find a way to shoot the user in the
foot in a significant way (by, say, accidentally removing ~), than
On 2/16/23 15:09, Ivan Krylov wrote:
Hello,
This is probably a very minor point, but R_CleanTempDir may still have
a shell injection in it. I couldn't find a way to shoot the user in the
foot in a significant way (by, say, accidentally removing ~), thanks to
R disallowing spaces in the path, but
Hello,
This is probably a very minor point, but R_CleanTempDir may still have
a shell injection in it. I couldn't find a way to shoot the user in the
foot in a significant way (by, say, accidentally removing ~), thanks to
R disallowing spaces in the path, but if Sys_TempDir somehow acquires a
valu
