mirror of
https://github.com/discourse/discourse.git
synced 2024-12-16 02:03:45 +08:00
SECURITY: Don't use backticks for exporting your archive
This commit is contained in:
parent
0f6a2b912a
commit
c14d98354b
|
@ -48,8 +48,7 @@ module Jobs
|
|||
end
|
||||
|
||||
# compress CSV file
|
||||
`gzip -5 #{absolute_path}`
|
||||
|
||||
system('gzip', '-5', absolute_path)
|
||||
ensure
|
||||
notify_user(file_name, absolute_path)
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue
Block a user