On Sat, 19 Apr 1997, Dean Gaudet wrote:
> * suexec has lots of open PRs:
> PR#269, 319, 395: suexec and SSI problems
> PR#367, 368, 354: SEGV caused by suexec
> PR#341: documentation error? user confusion?
> PR#339: suexec doesn't work with QUERY_STRINGs
>
I've been told by the original reporter that if you remove ~ (tilde) from
the set of characters that need escaping, things will work correctly. i.e.
--- util.c Fri Apr 18 03:20:42 1997
+++ util.c.old Sun Mar 23 09:51:04 1997
@@ -711,8 +711,7 @@
}
#endif
- /* if(ind("&;`'\"|*?~<>^()[]{}$\\\n",cmd[x]) != -1){ */
- if(ind("&;`'\"|*?<>^()[]{}$\\\n",cmd[x]) != -1){
+ if(ind("&;`'\"|*?~<>^()[]{}$\\\n",cmd[x]) != -1){
for(y=l+1;y>x;y--)
cmd[y] = cmd[y-1];
Alternatively, suexec need to understand that some of its paramters might
be escaped.
Anand.
|