[Bug 3529949]: Defang 'file dirname ~' etc in safe interps

author: dkf <donal.k.fellows@manchester.ac.uk> 2012-05-28 13:17:59 (GMT)
committer: dkf <donal.k.fellows@manchester.ac.uk> 2012-05-28 13:17:59 (GMT)
commit: d2671297206026b44157d1a47ba3720c8159d508 (patch)
tree: e5911d1d60c84659ed8bad2d8eb634050e556e0c /ChangeLog
parent: 27312fa939f40f22a19c293959bfdced6ba15730 (diff)
download: tcl-d2671297206026b44157d1a47ba3720c8159d508.zip
tcl-d2671297206026b44157d1a47ba3720c8159d508.tar.gz
tcl-d2671297206026b44157d1a47ba3720c8159d508.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 2958fa0..9405ed9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2012-05-28  Donal K. Fellows  <dkf@users.sf.net>
+
+	* library/safe.tcl (safe::AliasFileSubcommand): [Bug 3529949]: Made a
+	more sophisticated method for preventing information leakage; it
+	changes references to "~user" into "./~user", which is safe.
+
 2012-05-25  Donal K. Fellows  <dkf@users.sf.net>
 
 	* doc/namespace.n, doc/Ensemble.3: [Bug 3528418]: Document what is
author	dkf <donal.k.fellows@manchester.ac.uk>	2012-05-28 13:17:59 (GMT)
committer	dkf <donal.k.fellows@manchester.ac.uk>	2012-05-28 13:17:59 (GMT)
commit	d2671297206026b44157d1a47ba3720c8159d508 (patch)
tree	e5911d1d60c84659ed8bad2d8eb634050e556e0c /ChangeLog
parent	27312fa939f40f22a19c293959bfdced6ba15730 (diff)
download	tcl-d2671297206026b44157d1a47ba3720c8159d508.zip tcl-d2671297206026b44157d1a47ba3720c8159d508.tar.gz tcl-d2671297206026b44157d1a47ba3720c8159d508.tar.bz2