-
-
Notifications
You must be signed in to change notification settings - Fork 7.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added ability to exec arbitrary commands from templates. #847
Conversation
I'm still worried about this. I'm punting on this until after the v0.13 release is out. I'm thinking more of having a few dedicated exec based functions... like "grep"... but then concerned about how it would work with systems like windows which don't have them available. |
@yml the datafiles can also be set in themes. So any white list would have to live in global config. |
@bep good call. Would checking the |
49b4f8e
to
93e41a1
Compare
Closing this PR as we won't be merging, as is. Lacks safeguards. The security issues needs more thought and discussion. |
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
No description provided.