[Buildbot-devel] Branch name restrictions
Jean-Paul Calderone
exarkun at divmod.com
Tue Jun 19 18:47:05 UTC 2007
On Tue, 19 Jun 2007 11:32:56 -0700, Mark Pauley <mpauley at apple.com> wrote:
>I would say that we should definitely at the very least block quote
>characters (or escape them) to prevent web-build based expoits.
>Those build-names are passed as args to forked commands.
They shouldn't be passed through a shell. I don't know that they /aren't/,
but there's no need for them to be.
Jean-Paul
More information about the devel
mailing list