scottk/Mailu
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/Mailu.git synced 2025-10-30 17:47:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

snuffleupagus 11

Browse Source
This commit is contained in:
Florent Daigniere
2024-11-16 22:11:13 +01:00
parent aa52bbb731
commit 9a928f8c7b
3 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/base/Dockerfile
View File

@@ -27,7 +27,7 @@ CMD /bin/bash
FROM system as build FROM system as build
ARG MAILU_DEPS=prod ARG MAILU_DEPS=prod
ARG SNUFFLEUPAGUS_VERSION=0.10.0 ARG SNUFFLEUPAGUS_VERSION=0.11.0
ENV VIRTUAL_ENV=/app/venv ENV VIRTUAL_ENV=/app/venv

1
towncrier/newsfragments/3647.misc Normal file
View File

@@ -0,0 +1 @@
Upgrade to snuffleupagus 0.11, filter php:// wrapper types

2
webmails/snuffleupagus.rules
View File

@@ -26,6 +26,8 @@ sp.readonly_exec.enable();
# PHP has a lot of wrappers, most of them aren't usually useful, you should # PHP has a lot of wrappers, most of them aren't usually useful, you should
# only enable the ones you're using. # only enable the ones you're using.
sp.wrappers_whitelist.list("file,php,phar,mailsosubstreams,mailsoliteral,mailsotempfile,mailsobinary"); sp.wrappers_whitelist.list("file,php,phar,mailsosubstreams,mailsoliteral,mailsotempfile,mailsobinary");
# The "php" wrapper can be further filtered: we probably don't want 'filter' nor 'fd'
sp.wrappers_whitelist.php_list("stdout,stdin,stderr,input,output,memory,temp");
# Prevent sloppy comparisons. # Prevent sloppy comparisons.
sp.sloppy_comparison.enable(); sp.sloppy_comparison.enable();