From a82813527551f0e79c6d6ed5a9c1162e3c171bcf Mon Sep 17 00:00:00 2001
From: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>
Date: Mon, 17 Nov 2008 04:28:07 +0000
Subject: * Added additional method parameter to --script-security to preserve 
  backward compatibility with system() call semantics used in OpenVPN  
 2.1_rc8 and earlier.  To preserve backward compatibility use:

    script-security 3 system


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3495 e7ae566f-a301-0410-adde-c780ea21d3b5
---
 init.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'init.c')

diff --git a/init.c b/init.c
index 519dc8b..455712a 100644
--- a/init.c
+++ b/init.c
@@ -523,7 +523,7 @@ void
 init_options_dev (struct options *options)
 {
   if (!options->dev)
-    options->dev = dev_component_in_dev_node (options->dev_node);
+    options->dev = openvpn_basename (options->dev_node);
 }
 
 bool
@@ -2003,6 +2003,9 @@ do_option_warnings (struct context *c)
     msg (M_WARN, "WARNING: the current --script-security setting may allow passwords to be passed to scripts via environmental variables");
   else
     msg (M_WARN, "NOTE: " PACKAGE_NAME " 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables");
+
+  if (script_method == SM_SYSTEM)
+    msg (M_WARN, "NOTE: --script-security method='system' is deprecated due to the fact that passed parameters will be subject to shell expansion");
 }
 
 static void
-- 
cgit