Added restrict_file_access to becommands' execute() args.

+ associated adjustments in other files. See cmdutil.restrict_file_access.__doc__ for an explanation of the security hole this closes.
author: W. Trevor King <wking@drexel.edu> 2009-11-21 15:18:02 -0500
committer: W. Trevor King <wking@drexel.edu> 2009-11-21 15:18:02 -0500
commit: 614d4e40e148520ac511cbe0606bcbdcf24c8a08 (patch)
tree: 84742af3feb5cb65b4bba6ce9a5d9854060f569b /interfaces
parent: bb8dd5066f730f9bb0ac0398bf9a167e9736a808 (diff)
download: bugseverywhere-614d4e40e148520ac511cbe0606bcbdcf24c8a08.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/interfaces/email/interactive/be-handle-mail b/interfaces/email/interactive/be-handle-mail
index bd37f55..e0e3490 100755
--- a/interfaces/email/interactive/be-handle-mail
+++ b/interfaces/email/interactive/be-handle-mail
@@ -242,7 +242,8 @@ class Command (object):
         os.chdir(BE_DIR)
         try:
             self.ret = libbe.cmdutil.execute(self.command, self.args,
-                                             manipulate_encodings=False)
+                                             manipulate_encodings=False,
+                                             restrict_file_access=True)
         except libbe.cmdutil.GetHelp:
             print libbe.cmdutil.help(command)
         except libbe.cmdutil.GetCompletions:
author	W. Trevor King <wking@drexel.edu>	2009-11-21 15:18:02 -0500
committer	W. Trevor King <wking@drexel.edu>	2009-11-21 15:18:02 -0500
commit	614d4e40e148520ac511cbe0606bcbdcf24c8a08 (patch)
tree	84742af3feb5cb65b4bba6ce9a5d9854060f569b /interfaces
parent	bb8dd5066f730f9bb0ac0398bf9a167e9736a808 (diff)
download	bugseverywhere-614d4e40e148520ac511cbe0606bcbdcf24c8a08.tar.gz