CRITICAL FIXES:
1. Add missing initialize_system_detection() call (launcher.sh)
- System detection was never initialized before building reference database
- This caused all SYS_* variables to be empty
- Fixed blank system detection output issue reported on Alma 8
2. Fix all unsafe read statements (launcher.sh - 10+ occurrences)
- Changed all 'read -r choice' to use /dev/tty with error handling
- Prevents crashes when stdin is piped (curl | bash)
- Prevents unexpected SSH session termination
- Gracefully returns instead of exiting
3. Fix remaining read -p statements (launcher.sh)
- Added </dev/tty and error suppression to startup and exit prompts
- Prevents hangs when terminal not available
SECURITY FIXES:
4. Fix SQL injection in database queries (reference-db.sh)
- Escape database names with backticks: WHERE table_schema=`$db`
- Prevents malicious database names from breaking SQL
5. Fix password exposure in process listings (reference-db.sh)
- Use MYSQL_PWD environment variable instead of command line
- Credentials no longer visible in ps aux output
- Added cleanup with unset MYSQL_PWD
6. Fix race condition in temp directory creation (common-functions.sh)
- Changed from mkdir -p to mktemp -d
- Secure permissions (0700) and unpredictable naming
- Prevents TOCTOU attacks
All changes validated with bash -n syntax checks
Production launcher now matches/exceeds beta stability
cschantz
eabddb553d