Details
-
Type:
Improvement
-
Status: Closed
-
Priority:
Trivial
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: EJBCA 6.11.1
-
Component/s: CA GUI
-
Labels:None
-
Environment:All
-
Issue discovered during:Testing
-
Sprint:EJBCA Sprint 5
Description
ExternalCommandCertifciateValidator still allows external commands like 'openssl'. GeneralPurposeCustomPublisher avoids this with a simple File("<path>").exists() check, so only exiting script files or symlinks can be called and not an arbitrary command. Therefore this check has to be implemented for ExternalCommandCertifciateValidator as well and the test classes needs to be updated.