Commit 7fc7e680 authored by Tails developers's avatar Tails developers

Validate data (that we are gonna source) from NetworkManager.

parent 1bab40b3
...@@ -95,6 +95,14 @@ fi ...@@ -95,6 +95,14 @@ fi
# Get the DNS servers that was obtained from NetworkManager, if any... # Get the DNS servers that was obtained from NetworkManager, if any...
if [ -r "${NM_ENV_FILE}" ]; then if [ -r "${NM_ENV_FILE}" ]; then
# We also check that the file we are gonna *source* doesn't
# contain any unexpected data, like (potentially malicious) shell
# script. Note that while the regex used for deciding IP addresses
# is far from perfect, it serves our purpose here.
IP4_REGEX='[0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}'
if grep -v "^IP4_NAMESERVERS=\"${IP4_REGEX}\"$" "${NM_ENV_FILE}"; then
error "`gettext \"NetworkManager passed us garbage data when trying to deduce the clearnet DNS server.\"`"
fi
# Import the IP4_NAMESERVERS variable. # Import the IP4_NAMESERVERS variable.
. "${NM_ENV_FILE}" . "${NM_ENV_FILE}"
fi fi
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment