diff options
| -rw-r--r-- | doc/de/autogen/user/relay_options.adoc | 2 | ||||
| -rw-r--r-- | doc/en/autogen/user/relay_options.adoc | 2 | ||||
| -rw-r--r-- | doc/fr/autogen/user/relay_options.adoc | 2 | ||||
| -rw-r--r-- | doc/it/autogen/user/relay_options.adoc | 2 | ||||
| -rw-r--r-- | doc/ja/autogen/user/relay_options.adoc | 2 | ||||
| -rw-r--r-- | doc/pl/autogen/user/relay_options.adoc | 2 | ||||
| -rw-r--r-- | src/plugins/relay/relay-config.c | 22 |
7 files changed, 26 insertions, 8 deletions
diff --git a/doc/de/autogen/user/relay_options.adoc b/doc/de/autogen/user/relay_options.adoc index 6c56c6377..10c18ab64 100644 --- a/doc/de/autogen/user/relay_options.adoc +++ b/doc/de/autogen/user/relay_options.adoc @@ -186,4 +186,4 @@ ** Beschreibung: pass:none[durch Kommata getrennte Liste von Befehlen die erlaubt/verboten sind wenn Daten (Text oder Befehl) vom Client empfangen werden; "*" bedeutet alle Befehle sind erlaubt, beginnt ein Befehl hingegen mit "!" wird die Auswahl umgekehrt und der Befehl wird nicht ausgeführt, der Platzhalter "*" ist erlaubt; standardmäßig sind einige Befehle nicht erlaubt (die zu einem denial of service oder einer remote code execution führen können, wenn der Client nicht vertrauenswürdig ist)] ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette -** Standardwert: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` +** Standardwert: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` diff --git a/doc/en/autogen/user/relay_options.adoc b/doc/en/autogen/user/relay_options.adoc index 0de413c16..a977e270c 100644 --- a/doc/en/autogen/user/relay_options.adoc +++ b/doc/en/autogen/user/relay_options.adoc @@ -186,4 +186,4 @@ ** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** type: string ** values: any string -** default value: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` +** default value: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` diff --git a/doc/fr/autogen/user/relay_options.adoc b/doc/fr/autogen/user/relay_options.adoc index 2aa3f7f80..913a82d35 100644 --- a/doc/fr/autogen/user/relay_options.adoc +++ b/doc/fr/autogen/user/relay_options.adoc @@ -186,4 +186,4 @@ ** description: pass:none[liste des commandes autorisées/interdites lorsque qu'une entrée de données (texte ou commande) est reçue du client (séparées par des virgules) ; "*" signifie toutes les commandes, un nom commençant par "!" est une valeur négative pour empêcher une commande d'être exécutée, le caractère joker "*" est autorisé dans les noms ; par défaut certaines commandes ne sont pas autorisées (elles pourraient conduire à un déni de service ou l'exécution de commandes à distance si le client n'est pas sûr)] ** type: chaîne ** valeurs: toute chaîne -** valeur par défaut: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` +** valeur par défaut: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` diff --git a/doc/it/autogen/user/relay_options.adoc b/doc/it/autogen/user/relay_options.adoc index d990c1167..63d54ed32 100644 --- a/doc/it/autogen/user/relay_options.adoc +++ b/doc/it/autogen/user/relay_options.adoc @@ -186,4 +186,4 @@ ** descrizione: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** tipo: stringa ** valori: qualsiasi stringa -** valore predefinito: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` +** valore predefinito: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` diff --git a/doc/ja/autogen/user/relay_options.adoc b/doc/ja/autogen/user/relay_options.adoc index b385b0e3f..ef217699a 100644 --- a/doc/ja/autogen/user/relay_options.adoc +++ b/doc/ja/autogen/user/relay_options.adoc @@ -186,4 +186,4 @@ ** 説明: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** タイプ: 文字列 ** 値: 未制約文字列 -** デフォルト値: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` +** デフォルト値: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` diff --git a/doc/pl/autogen/user/relay_options.adoc b/doc/pl/autogen/user/relay_options.adoc index c4b56c7d1..cd08c10b4 100644 --- a/doc/pl/autogen/user/relay_options.adoc +++ b/doc/pl/autogen/user/relay_options.adoc @@ -186,4 +186,4 @@ ** opis: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** typ: ciąg ** wartości: dowolny ciąg -** domyślna wartość: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` +** domyślna wartość: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` diff --git a/src/plugins/relay/relay-config.c b/src/plugins/relay/relay-config.c index bce42c2b0..8e96ce8d7 100644 --- a/src/plugins/relay/relay-config.c +++ b/src/plugins/relay/relay-config.c @@ -1043,8 +1043,26 @@ relay_config_init () "are not allowed (they could lead to denial of service or remote " "code execution if the client is not trusted)"), NULL, 0, 0, - "*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua," - "!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit", + "*," + "!exec," + "!fset," + "!guile," + "!javascript," + "!lua," + "!perl," + "!php," + "!plugin," + "!python," + "!quit," + "!repeat," + "!ruby," + "!script," + "!secure," + "!set," + "!tcl," + "!unset," + "!upgrade," + "!wait", NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, |