From 94cf07d24bb9e47b5fe48ac8145464b37c205148 Mon Sep 17 00:00:00 2001
From: "dylan.araps@gmail.com" <dylan.araps@gmail.com>
Date: Mon, 27 Jan 2020 21:36:50 +0000
Subject: kiss: comment

FossilOrigin-Name: b4fd8ba4cc83a0cf450310464a1e2c19825486bcae7d484f3ad9169fd120dff5
---
 kiss | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'kiss')

diff --git a/kiss b/kiss
index dd3b6bd..fbd2ccb 100755
--- a/kiss
+++ b/kiss
@@ -84,6 +84,10 @@ root_cache() {
 
     # Validate the password now with a simple 'true' command as we
     # don't yet need to elevate permissions.
+    #
+    # Rather than checking if the '$pass' variable is non-empty,
+    # use an additional variable. The '[' command can be external
+    # which would result in '/proc' leakage.
     dosu /bin/true && have_pw=1
 }
 
-- 
cgit v1.2.3