logo

gemini-space

What lives at gemini://hacktivis.me/ git clone https://hacktivis.me/git/gemini-space.git
commit: e9cf0f8d8b9b60e858f379dbfeb2d061245dfd15
parent ecfb73c41023b24db89f011c7bff6b83d90a6c10
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Sun, 21 Feb 2021 17:08:09 +0100

server.sh: Harden /cgi-bin/ with a chroot

Diffstat:

Mserver.sh5+++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/server.sh b/server.sh @@ -11,6 +11,8 @@ # - Lastest known version of the specification: v0.14.3, November 29th 2020 export GEMDIR="/srv/gemini" +# Disable GNU-isms in executables +export POSIXLY_CORRECT=1 IFS=#' ' read -r line @@ -35,8 +37,7 @@ then then if [ -x "$path" -a -f "$path" ] then - cd "${GEMDIR}/" - env -i PATH=/var/empty/ "$query" + env -i PATH=/var/empty/ POSIXLY_CORRECT=1 /bin/chroot "${GEMDIR}/" "$query" status="x$?" else status="50"