Merge pull request #1487 from puppetlabs/maint-harden_config_class

Harden config class

Author: david22swan

manifests/server/config.pp

@@ -39,14 +39,19 @@
       if $managed_dirs {
         $managed_dirs.each | $entry | {
           $dir = $options['mysqld']["${entry}"]
+
           if ( $dir and $dir != '/usr' and $dir != '/tmp' ) {
+            $clean_dir = shell_escape($dir)
+            $clean_package_name = shell_escape($mysql::server::package_name)
+
             exec { "${entry}-managed_dir-mkdir":
-              command => "/bin/mkdir -p ${dir}",
-              unless  => "/usr/bin/dpkg -s ${mysql::server::package_name}",
+              command => ['/bin/mkdir', '-p', $clean_dir],
+              unless  => [['/usr/bin/dpkg', '-s', $clean_package_name]],
               notify  => Exec["${entry}-managed_dir-chmod"],
             }
+
             exec { "${entry}-managed_dir-chmod":
-              command     => "/bin/chmod 777 ${dir}",
+              command     => ['/bin/chmod', '777', $clean_dir],
               refreshonly => true,
             }
           }