aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xkiss4
1 files changed, 4 insertions, 0 deletions
diff --git a/kiss b/kiss
index dd3b6bd..fbd2ccb 100755
--- a/kiss
+++ b/kiss
@@ -84,6 +84,10 @@ root_cache() {
# Validate the password now with a simple 'true' command as we
# don't yet need to elevate permissions.
+ #
+ # Rather than checking if the '$pass' variable is non-empty,
+ # use an additional variable. The '[' command can be external
+ # which would result in '/proc' leakage.
dosu /bin/true && have_pw=1
}