]> cat aescling's git repositories - httpd-execline.git/commit
cat aescling's git repositories / httpd-execline.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 376b498) | patch
adjust hiding client input to satisfy toybox
authorsingle-right-quote <34298117+single-right-quote@users.noreply.github.com>
Wed, 8 Sep 2021 00:32:50 +0000 (00:32 +0000)
committersingle-right-quote <34298117+single-right-quote@users.noreply.github.com>
Wed, 8 Sep 2021 01:11:08 +0000 (01:11 +0000)
commit4bdf6c469143f404ba12b72aaadbe77d828d8c3b
tree58a25f3d720fb0e2f9b119a3e94cc311e7a8e58etree | snapshot
parent376b498583c13358cad526ad3d43dc5fe35990c7commit | diff
adjust hiding client input to satisfy toybox

when done reading from the client, we defensively close stdin, to
prevent potential bugs being exploitable to malicious input

toybox opens /dev/null if stdin does not exist, which crashes in a
chrooted evironment. piping in an empty string more or less
accomplishes the same thing as closing stdin would

i really do not know why toybox found this necessary.
visible-to-httpd/binaries/http-error-response.execline diff | blob | history
visible-to-httpd/binaries/httpd.execline diff | blob | history
an execline-based httpd, sans networking