*
* Use call chaining with this class for expressiveness:
* $result = Shell::command( 'some command' )
+ * ->input( 'foo' )
* ->environment( [ 'ENVIRONMENT_VARIABLE' => 'VALUE' ] )
* ->limits( [ 'time' => 300 ] )
* ->execute();
* Apply a default set of restrictions for improved
* security out of the box.
*
- * Equal to NO_ROOT | SECCOMP | PRIVATE_DEV
+ * Equal to NO_ROOT | SECCOMP | PRIVATE_DEV | NO_LOCALSETTINGS
*
* @note This value will change over time to provide increased security
* by default, and is not guaranteed to be backwards-compatible.
* @since 1.31
*/
- const RESTRICT_DEFAULT = 7;
+ const RESTRICT_DEFAULT = 39;
/**
* Disallow any root access. Any setuid binaries
*/
const NO_EXECVE = 16;
+ /**
+ * Deny access to LocalSettings.php (MW_CONFIG_FILE)
+ *
+ * @since 1.31
+ */
+ const NO_LOCALSETTINGS = 32;
+
/**
* Returns a new instance of Command class
*
* PHP 5.2.6+ (bug backported to earlier distro releases of PHP).
*
* @param string $args,... strings to escape and glue together, or a single array of
- * strings parameter
+ * strings parameter. Null values are ignored.
* @return string
*/
public static function escape( /* ... */ ) {
$first = true;
$retVal = '';
foreach ( $args as $arg ) {
+ if ( $arg === null ) {
+ continue;
+ }
if ( !$first ) {
$retVal .= ' ';
} else {