source.dussan.org Git - nextcloud-server.git/commit

]> source.dussan.org Git - nextcloud-server.git/commit

projects / nextcloud-server.git / commit

author	Glandos <bugs-github@antipoul.fr>
	Wed, 15 Feb 2023 22:37:13 +0000 (23:37 +0100)
committer	GitHub <noreply@github.com>
	Wed, 15 Feb 2023 22:37:13 +0000 (23:37 +0100)
commit	528e66859bdf912b422efaa5e0ba833eef939735
tree	db31e206597c34109bf85e7d6ea40a189a1670f2	tree \| snapshot
parent	b36a31c918ad997e6d227dc7923791c487e18e51	commit \| diff

Use proc_open to avoid spawning a shell

The use of `exec` will spawn a shell, using `/bin/sh` on POSIX platforms. But in restricted environment, such as AppArmor, this means giving execution to `/bin/sh`, which renders the execution restriction quite useless.
Using an array with `proc_open` reduces this, and paved the way for file streaming instead of temporary file.

Signed-off-by: Glandos <bugs-github@antipoul.fr>

lib/private/Preview/Movie.php

diff | blob | history

Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

RSS Atom