lib/boxafe/encfs.rb in boxafe-0.1.3 vs lib/boxafe/encfs.rb in boxafe-0.1.4
- old
+ new
@@ -6,17 +6,18 @@
def initialize options = {}
@options = options
end
def command
- [ encfs_config, @options[:encfs], %/"#{@options[:root]}"/, %/"#{@options[:mount]}"/, extpass, '--', volname ].compact.join ' '
+ # TODO: use shellwords for binary, test escaping
+ [ encfs_config, @options[:encfs], Shellwords.escape(@options[:root]), Shellwords.escape(@options[:mount]), extpass, '--', volname ].compact.join ' '
end
private
def volname
- %/-ovolname="#{@options[:volume]}"/
+ %/-ovolname=#{Shellwords.escape @options[:volume]}/
end
def extpass
if @options[:keychain]
%*--extpass="security 2>&1 >/dev/null find-generic-password -gl '#{@options[:keychain]}' |grep password|cut -d \\\\\\" -f 2"*
@@ -24,8 +25,8 @@
nil
end
end
def encfs_config
- @options[:encfs_config] ? %/ENCFS6_CONFIG="#{File.expand_path @options[:encfs_config]}"/ : nil
+ @options[:encfs_config] ? %/ENCFS6_CONFIG=#{Shellwords.escape File.expand_path(@options[:encfs_config])}/ : nil
end
end