Roger Pettersson
Roger Pettersson
Hi Sanitize $script_type with "declare -f" makes it easy to inject own functions. One could easily exploit the script. ex. mycat(){ /bin/cat /etc/openvpn/credentials/password; }; \ export -f mycat; \ export...
rhash will break checking on special characters in linux. ```none $ touch 'd'$'\n''e' 'd'$'\r''e' ```