From aa65a7057f3abba32726ed17853090bcb86992f9 Mon Sep 17 00:00:00 2001 From: aszlig Date: Sun, 16 Feb 2014 01:42:10 +0100 Subject: vm/windows: Properly escape shell command. Security-wise it's not a big issue because we're still sandboxed, but I really don't want to write something like \\\\\\\\192.168.0.2\\\\share in order to set up network shares. Signed-off-by: aszlig --- pkgs/build-support/vm/windows/controller/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'pkgs/build-support/vm') diff --git a/pkgs/build-support/vm/windows/controller/default.nix b/pkgs/build-support/vm/windows/controller/default.nix index 22451e0e3947..6abf87f82c87 100644 --- a/pkgs/build-support/vm/windows/controller/default.nix +++ b/pkgs/build-support/vm/windows/controller/default.nix @@ -57,6 +57,8 @@ let }; }; + shellEscape = x: "'${lib.replaceChars ["'"] [("'\\'" + "'")] x}'"; + initScript = writeScript "init.sh" ('' #!${stdenv.shell} ${coreutils}/bin/mkdir -p /etc/samba /etc/samba/private /var/lib/samba @@ -104,7 +106,7 @@ let -o StrictHostKeyChecking=no \ -i /ssh.key \ -l Administrator \ - 192.168.0.1 -- "${command}" + 192.168.0.1 -- ${shellEscape command} ${busybox}/sbin/poweroff -f '')); -- cgit 1.4.1