diff options
author | redmatrix <git@macgirvin.com> | 2016-04-04 16:17:50 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-04-04 16:17:50 -0700 |
commit | 01ad485f6517caba49b1917818ceaa477e6cc846 (patch) | |
tree | 79c954236988e9cdf98dcbfb110eba944e7601fd | |
parent | 447c59fd9b6ccac981b274d82f52ce4dd00e8b4a (diff) | |
download | volse-hubzilla-01ad485f6517caba49b1917818ceaa477e6cc846.tar.gz volse-hubzilla-01ad485f6517caba49b1917818ceaa477e6cc846.tar.bz2 volse-hubzilla-01ad485f6517caba49b1917818ceaa477e6cc846.zip |
SECURITY: Do not link unknown and unverified code repositories to the project without some form of confirmation that one accepts the significant risks involved.
-rwxr-xr-x | util/add_addon_repo | 14 | ||||
-rwxr-xr-x | util/add_theme_repo | 14 | ||||
-rwxr-xr-x | util/add_widget_repo | 13 |
3 files changed, 36 insertions, 5 deletions
diff --git a/util/add_addon_repo b/util/add_addon_repo index decd9e091..a8dd9f49a 100755 --- a/util/add_addon_repo +++ b/util/add_addon_repo @@ -1,10 +1,21 @@ #!/bin/bash -f -if [ $# -ne 2 ]; then +if [ $# -lt 2 ]; then echo usage: $0 repo_url nickname exit 1 fi +if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then + echo ""; + echo "This is NOT an official project repository."; + echo "In order to protect you from unverified and"; + echo "possibly malicious content, this repository"; + echo "will not be linked to your site unless you"; + echo "append the word 'insecure' to the command."; + echo ""; + exit 1 +fi + mkdir -p extend/addon/$2 mkdir addon > /dev/null 2>&1 git clone $1 extend/addon/$2 @@ -14,7 +25,6 @@ fi filelist=(`ls extend/addon/$2`) - cd addon for a in "${filelist[@]}" ; do base=`basename $a` diff --git a/util/add_theme_repo b/util/add_theme_repo index d41eba6d9..8280c447b 100755 --- a/util/add_theme_repo +++ b/util/add_theme_repo @@ -1,11 +1,21 @@ #!/bin/bash -f - -if [ $# -ne 2 ]; then +if [ $# -lt 2 ]; then echo usage: $0 repo_url nickname exit 1 fi +if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then + echo ""; + echo "This is NOT an official project repository."; + echo "In order to protect you from unverified and"; + echo "possibly malicious content, this repository"; + echo "will not be linked to your site unless you"; + echo "append the word 'insecure' to the command."; + echo ""; + exit 1 +fi + mkdir -p extend/theme/$2 git clone $1 extend/theme/$2 if [ $? -ne 0 ]; then diff --git a/util/add_widget_repo b/util/add_widget_repo index 347e8e4e1..e7e316ba4 100755 --- a/util/add_widget_repo +++ b/util/add_widget_repo @@ -1,10 +1,21 @@ #!/bin/bash -f -if [ $# -ne 2 ]; then +if [ $# -lt 2 ]; then echo usage: $0 repo_url nickname exit 1 fi +if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then + echo ""; + echo "This is NOT an official project repository."; + echo "In order to protect you from unverified and"; + echo "possibly malicious content, this repository"; + echo "will not be linked to your site unless you"; + echo "append the word 'insecure' to the command."; + echo ""; + exit 1 +fi + mkdir -p extend/widget/$2 mkdir widget > /dev/null 2>&1 git clone $1 extend/widget/$2 |