From 45d4c0028eb1668e63eaa1dba584b78f7518b7c9 Mon Sep 17 00:00:00 2001
From: root <root@schaltschrank-pi>
Date: Sat, 4 Mar 2017 18:02:28 +0000
Subject: [PATCH] improved security

---
 command_watcher.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/command_watcher.sh b/command_watcher.sh
index 068db1e..230f20c 100755
--- a/command_watcher.sh
+++ b/command_watcher.sh
@@ -17,6 +17,10 @@ chmod 666 "$COMMAND_FILE"
 while true; do
 	while IFS='' read -r line || [[ -n "$line" ]]; do
 		echo "command received: $line"
+		if echo "$line" | grep "!" >/dev/null; then	# ! is used internally to execute shell commands!
+			echo "ERROR: illegal characters" >&2
+			continue
+		fi
 		case "$line" in
 			lounge_light_toggle)
 				lounge_light_toggle