summaryrefslogtreecommitdiffstats
path: root/generic
diff options
context:
space:
mode:
authordkf <donal.k.fellows@manchester.ac.uk>2011-09-26 10:46:36 (GMT)
committerdkf <donal.k.fellows@manchester.ac.uk>2011-09-26 10:46:36 (GMT)
commit643c7a2aa4c7b5cb1412a098ecacd72dc5f09aac (patch)
treefefa07fe0a7c1d24f6f787f9521de1b302a1e4b3 /generic
parente3352567a2a3af2547b61485e6b91c0efd03533b (diff)
downloadtcl-643c7a2aa4c7b5cb1412a098ecacd72dc5f09aac.zip
tcl-643c7a2aa4c7b5cb1412a098ecacd72dc5f09aac.tar.gz
tcl-643c7a2aa4c7b5cb1412a098ecacd72dc5f09aac.tar.bz2
Make [file] itself be safe, to reduce breakage in existing code. [Bug 3211758]
Diffstat (limited to 'generic')
-rw-r--r--generic/tclCmdAH.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/generic/tclCmdAH.c b/generic/tclCmdAH.c
index fc9d39d..d036bd6 100644
--- a/generic/tclCmdAH.c
+++ b/generic/tclCmdAH.c
@@ -1063,6 +1063,17 @@ TclMakeFileCommandSafe(
}
Tcl_DStringFree(&oldBuf);
Tcl_DStringFree(&newBuf);
+
+ /*
+ * Ugh. The [file] command is now actually safe, but it is assumed by
+ * scripts that it is not, which messes up security policies. [Bug
+ * 3211758]
+ */
+
+ if (Tcl_HideCommand(interp, "file", "file") != TCL_OK) {
+ Tcl_Panic("problem making 'file' safe: %s",
+ Tcl_GetString(Tcl_GetObjResult(interp)));
+ }
return TCL_OK;
}