diff options
| author | intrigeri <intrigeri@boum.org> | 2005-08-20 15:37:57 +0000 |
|---|---|---|
| committer | intrigeri <intrigeri@boum.org> | 2005-08-20 15:37:57 +0000 |
| commit | 6b6154879b591c79750b329f3ecce9a074de5cb3 (patch) | |
| tree | 31d53c48c1d172bb423d7ce9f4420a2a730fb133 /handlers | |
| parent | bfe530dc59b9cec4a0cbdfdaafb5addb0e4484b2 (diff) | |
| download | backupninja-6b6154879b591c79750b329f3ecce9a074de5cb3.tar.gz backupninja-6b6154879b591c79750b329f3ecce9a074de5cb3.tar.bz2 | |
Security fix: duplicity handler used to put the gpg passphase on the command line.
Diffstat (limited to 'handlers')
| -rw-r--r-- | handlers/dup | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/handlers/dup b/handlers/dup index 22f915f..176ac3e 100644 --- a/handlers/dup +++ b/handlers/dup @@ -131,17 +131,17 @@ execstr=${execstr//\\*/\\\\\\*} debug "duplicity $execstr --exclude '**' / $execstr_serverpart" if [ ! $test ]; then + export PASSPHRASE=$password output=`nice -n $nicelevel \ su -c \ - "export PASSPHRASE=$password \ - && duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"` + "duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"` code=$? - if [ "$code" == "0" ]; then + if [ $code -eq 0 ]; then debug $output info "Duplicity finished successfully." else - warning $output - warning "Duplicity failed." + debug $output + fatal "Duplicity failed." fi fi |