From dd44c1db16d0ec9359f6403337bbff59f98a389b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Sat, 9 Mar 2019 17:51:40 +0100 Subject: [PATCH] relay: add extra forbidden commands in weechat protocol (issue #928) Commands were already forbidden (option relay.weechat.commands): - /exec - /upgrade - /quit These extra commands are now forbidden by default: - /fset - /set - /unset - /plugin - /script - /python - /perl - /ruby - /lua - /tcl - /guile - /javascript - /php - /secure --- doc/de/autogen/user/relay_options.adoc | 4 ++-- doc/en/autogen/user/relay_options.adoc | 4 ++-- doc/fr/autogen/user/relay_options.adoc | 4 ++-- doc/it/autogen/user/relay_options.adoc | 4 ++-- doc/ja/autogen/user/relay_options.adoc | 4 ++-- doc/pl/autogen/user/relay_options.adoc | 4 ++-- po/cs.po | 8 ++++---- po/de.po | 9 +++++---- po/es.po | 8 ++++---- po/fr.po | 16 ++++++++-------- po/hu.po | 8 ++++---- po/it.po | 8 ++++---- po/ja.po | 8 ++++---- po/pl.po | 8 ++++---- po/pt.po | 8 ++++---- po/pt_BR.po | 8 ++++---- po/ru.po | 8 ++++---- po/tr.po | 8 ++++---- po/weechat.pot | 8 ++++---- src/plugins/relay/relay-config.c | 12 +++++++----- 20 files changed, 76 insertions(+), 73 deletions(-) diff --git a/doc/de/autogen/user/relay_options.adoc b/doc/de/autogen/user/relay_options.adoc index 6aa5677b4..f065875e7 100644 --- a/doc/de/autogen/user/relay_options.adoc +++ b/doc/de/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** Standardwert: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** Beschreibung: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)] +** Beschreibung: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette -** Standardwert: `+"*,!exec,!upgrade,!quit"+` +** Standardwert: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` diff --git a/doc/en/autogen/user/relay_options.adoc b/doc/en/autogen/user/relay_options.adoc index c47fbbb87..0de413c16 100644 --- a/doc/en/autogen/user/relay_options.adoc +++ b/doc/en/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** default value: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)] +** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** type: string ** values: any string -** default value: `+"*,!exec,!upgrade,!quit"+` +** default value: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` diff --git a/doc/fr/autogen/user/relay_options.adoc b/doc/fr/autogen/user/relay_options.adoc index 9192d8349..2aa3f7f80 100644 --- a/doc/fr/autogen/user/relay_options.adoc +++ b/doc/fr/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** valeur par défaut: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** description: pass:none[liste des commandes autorisées/interdites lorsque qu'une entrée de données (texte ou commande) est reçue du client (séparées par des virgules) ; "*" signifie toutes les commandes, un nom commençant par "!" est une valeur négative pour empêcher une commande d'être exécutée, le caractère joker "*" est autorisé dans les noms ; par défaut toutes les commandes sont autorisées sauf /exec, /upgrade et /quit (ce qui pourrait conduire à un déni de service ou l'exécution de commandes à distance si le client n'est pas sûr)] +** description: pass:none[liste des commandes autorisées/interdites lorsque qu'une entrée de données (texte ou commande) est reçue du client (séparées par des virgules) ; "*" signifie toutes les commandes, un nom commençant par "!" est une valeur négative pour empêcher une commande d'être exécutée, le caractère joker "*" est autorisé dans les noms ; par défaut certaines commandes ne sont pas autorisées (elles pourraient conduire à un déni de service ou l'exécution de commandes à distance si le client n'est pas sûr)] ** type: chaîne ** valeurs: toute chaîne -** valeur par défaut: `+"*,!exec,!upgrade,!quit"+` +** valeur par défaut: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` diff --git a/doc/it/autogen/user/relay_options.adoc b/doc/it/autogen/user/relay_options.adoc index 23c494af4..d990c1167 100644 --- a/doc/it/autogen/user/relay_options.adoc +++ b/doc/it/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** valore predefinito: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** descrizione: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)] +** descrizione: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** tipo: stringa ** valori: qualsiasi stringa -** valore predefinito: `+"*,!exec,!upgrade,!quit"+` +** valore predefinito: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` diff --git a/doc/ja/autogen/user/relay_options.adoc b/doc/ja/autogen/user/relay_options.adoc index 84235c4cc..b385b0e3f 100644 --- a/doc/ja/autogen/user/relay_options.adoc +++ b/doc/ja/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** デフォルト値: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** 説明: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)] +** 説明: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** タイプ: 文字列 ** 値: 未制約文字列 -** デフォルト値: `+"*,!exec,!upgrade,!quit"+` +** デフォルト値: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` diff --git a/doc/pl/autogen/user/relay_options.adoc b/doc/pl/autogen/user/relay_options.adoc index fb0cf5d8c..c4b56c7d1 100644 --- a/doc/pl/autogen/user/relay_options.adoc +++ b/doc/pl/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** domyślna wartość: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** opis: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)] +** opis: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] ** typ: ciąg ** wartości: dowolny ciąg -** domyślna wartość: `+"*,!exec,!upgrade,!quit"+` +** domyślna wartość: `+"*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua,!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit"+` diff --git a/po/cs.po b/po/cs.po index 7a98b1528..26a5aaeb8 100644 --- a/po/cs.po +++ b/po/cs.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:53+0100\n" "Last-Translator: Ondřej Súkup \n" "Language-Team: weechat-dev \n" @@ -10868,9 +10868,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" #, fuzzy diff --git a/po/de.po b/po/de.po index 61eb2f143..0d90f6c99 100644 --- a/po/de.po +++ b/po/de.po @@ -24,7 +24,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 21:25+0100\n" "Last-Translator: Nils Görs \n" "Language-Team: German \n" @@ -12768,13 +12768,14 @@ msgstr "" "gesendet wird); keine Zeichenkette = deaktiviert die Zeitanzeige im " "Verlaufsspeicher" +#, fuzzy msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" "durch Kommata getrennte Liste von Befehlen die erlaubt/verboten sind wenn " "Daten (Text oder Befehl) vom Client empfangen werden; \"*\" bedeutet alle " diff --git a/po/es.po b/po/es.po index 42b8e1a6a..248f35eb9 100644 --- a/po/es.po +++ b/po/es.po @@ -22,7 +22,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:53+0100\n" "Last-Translator: Elián Hanisch \n" "Language-Team: weechat-dev \n" @@ -11221,9 +11221,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" #, fuzzy diff --git a/po/fr.po b/po/fr.po index 4883a7463..8d9f950cc 100644 --- a/po/fr.po +++ b/po/fr.po @@ -21,8 +21,8 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" -"PO-Revision-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" +"PO-Revision-Date: 2019-03-09 17:51+0100\n" "Last-Translator: Sébastien Helleu \n" "Language-Team: weechat-dev \n" "Language: fr\n" @@ -12495,17 +12495,17 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" "liste des commandes autorisées/interdites lorsque qu'une entrée de données " "(texte ou commande) est reçue du client (séparées par des virgules) ; \"*\" " "signifie toutes les commandes, un nom commençant par \"!\" est une valeur " "négative pour empêcher une commande d'être exécutée, le caractère joker \"*" -"\" est autorisé dans les noms ; par défaut toutes les commandes sont " -"autorisées sauf /exec, /upgrade et /quit (ce qui pourrait conduire à un déni " -"de service ou l'exécution de commandes à distance si le client n'est pas sûr)" +"\" est autorisé dans les noms ; par défaut certaines commandes ne sont pas " +"autorisées (elles pourraient conduire à un déni de service ou l'exécution de " +"commandes à distance si le client n'est pas sûr)" msgid "number of clients for relay" msgstr "nombre de clients pour le relai" diff --git a/po/hu.po b/po/hu.po index 5b81d50fc..5af9ff860 100644 --- a/po/hu.po +++ b/po/hu.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:18+0100\n" "Last-Translator: Andras Voroskoi \n" "Language-Team: weechat-dev \n" @@ -10227,9 +10227,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" #, fuzzy diff --git a/po/it.po b/po/it.po index 256d9a5e3..cb42ff357 100644 --- a/po/it.po +++ b/po/it.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:53+0100\n" "Last-Translator: Esteban I. Ruiz Moreno \n" "Language-Team: weechat-dev \n" @@ -11423,9 +11423,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" #, fuzzy diff --git a/po/ja.po b/po/ja.po index ad4531729..08349c77d 100644 --- a/po/ja.po +++ b/po/ja.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:53+0100\n" "Last-Translator: AYANOKOUZI, Ryuunosuke \n" "Language-Team: Japanese \n" "Language-Team: Polish \n" @@ -12227,9 +12227,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" msgid "number of clients for relay" diff --git a/po/pt.po b/po/pt.po index a8395195c..e9367b9d6 100644 --- a/po/pt.po +++ b/po/pt.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:53+0100\n" "Last-Translator: Vasco Almeida \n" "Language-Team: Portuguese <>\n" @@ -11883,9 +11883,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" msgid "number of clients for relay" diff --git a/po/pt_BR.po b/po/pt_BR.po index df7c74b70..df891778e 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:53+0100\n" "Last-Translator: Eduardo Elias \n" "Language-Team: weechat-dev \n" @@ -10676,9 +10676,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" #, fuzzy diff --git a/po/ru.po b/po/ru.po index e7e1e8f42..da486c06c 100644 --- a/po/ru.po +++ b/po/ru.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-02-28 20:19+0100\n" "Last-Translator: Aleksey V Zapparov AKA ixti \n" "Language-Team: weechat-dev \n" @@ -10260,9 +10260,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" #, fuzzy diff --git a/po/tr.po b/po/tr.po index 1c1b7f198..8406684e1 100644 --- a/po/tr.po +++ b/po/tr.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2019-01-29 21:05+0100\n" "Last-Translator: Hasan Kiran \n" "Language-Team: weechat-dev \n" @@ -9322,9 +9322,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" msgid "number of clients for relay" diff --git a/po/weechat.pot b/po/weechat.pot index e97398512..8f26318b6 100644 --- a/po/weechat.pot +++ b/po/weechat.pot @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2019-02-28 20:53+0100\n" +"POT-Creation-Date: 2019-03-09 17:49+0100\n" "PO-Revision-Date: 2014-08-16 10:27+0200\n" "Last-Translator: Sébastien Helleu \n" "Language-Team: weechat-dev \n" @@ -9189,9 +9189,9 @@ msgid "" "comma-separated list of commands allowed/denied when input data (text or " "command) is received from a client; \"*\" means any command, a name " "beginning with \"!\" is a negative value to prevent a command from being " -"executed, wildcard \"*\" is allowed in names; by default all commands are " -"allowed except /exec, /upgrade and /quit (which could lead to denial of " -"service or remote code execution if the client is not trusted)" +"executed, wildcard \"*\" is allowed in names; by default some commands are " +"not allowed (they could lead to denial of service or remote code execution " +"if the client is not trusted)" msgstr "" msgid "number of clients for relay" diff --git a/src/plugins/relay/relay-config.c b/src/plugins/relay/relay-config.c index dccb025c5..05d145cc5 100644 --- a/src/plugins/relay/relay-config.c +++ b/src/plugins/relay/relay-config.c @@ -1029,11 +1029,13 @@ relay_config_init () "data (text or command) is received from a client; " "\"*\" means any command, a name beginning with \"!\" is " "a negative value to prevent a command from being executed, " - "wildcard \"*\" is allowed in names; by default all commands " - "are allowed except /exec, /upgrade and /quit (which could lead " - "to denial of service or remote code execution if the client is " - "not trusted)"), - NULL, 0, 0, "*,!exec,!upgrade,!quit", NULL, 0, + "wildcard \"*\" is allowed in names; by default some commands " + "are not allowed (they could lead to denial of service or remote " + "code execution if the client is not trusted)"), + NULL, 0, 0, + "*,!exec,!fset,!set,!unset,!plugin,!script,!python,!perl,!ruby,!lua," + "!tcl,!guile,!javascript,!php,!secure,!upgrade,!quit", + NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL);