Added escapeshellargs for security reasons

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.6@19476 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-plugins/systems/admin/systems/services/class_goService.inc b/gosa-plugins/systems/admin/systems/services/class_goService.inc
index 1134f1cd7fc3927a1297dda5570c10732b632f3e..099bd3a39c6ce37aa287159adc29dc86cf2d0b43 100644 (file)
--- a/gosa-plugins/systems/admin/systems/services/class_goService.inc
+++ b/gosa-plugins/systems/admin/systems/services/class_goService.inc
@@ -224,7 +224,7 @@ class goService extends plugin{
         $attrs = get_object_vars($this);
         foreach($attrs as $name => $value){
           if(!is_string($value)) continue;
-          $command= preg_replace("/%$name/", $value, $command);
+          $command= preg_replace("/%$name/", escapeshellarg($value), $command);
         }
       }