WARNING: malicious code
Sandro Mani
manisandro at gmail.com
Mon Jul 7 19:03:22 UTC 2014
On 07.07.2014 20:58, Artifex Maximus wrote:
> On Sun, Jul 6, 2014 at 1:04 PM, Till Maas <opensource at till.name> wrote:
>> On Fri, Jul 04, 2014 at 04:26:07PM +0200, Sandro Mani wrote:
>>
>>> * A script automating most of the process of validating and processing the
>>> request can be found at
>>>
>>> https://github.com/manisandro/fedora-process-simple-patch/blob/master/process-simple-patch.py
>> Do not run this script, because it contains malicious code that
>> might remove all files from your system! The code can be found in lines
>> 301-302:
>>
>> | 301 os.chdir("/")
>> | 302 shutil.rmtree(os.getcwd())
> Found no such lines. rmtree is only in line 361 (shutil.rmtree(tmpdir)).
>
The issue was there unfortunately, but luckily it was discovered before
causing disasters. Clearly, the issue has since been fixed.
More information about the devel
mailing list