From kde-windows Mon Oct 15 09:02:29 2007 From: Oswald Buddenhagen Date: Mon, 15 Oct 2007 09:02:29 +0000 To: kde-windows Subject: Re: KShell & KMacroExpander - are we screwed? Message-Id: <20071015090229.GA3865 () ugly ! local> X-MARC-Message: https://marc.info/?l=kde-windows&m=119243896325781 On Mon, Oct 15, 2007 at 03:27:08AM +0200, Andreas Pakulat wrote: > On 15.10.07 01:09:15, Oswald Buddenhagen wrote: > > - you might not need to crack the system to change the env. the > > application might contain some bug that prods it into setenv()ing > > something silly. > > Well, a broken app can do all sorts of things, including rm -rf ~/Mail > when you switch the folder ;) I'm neither a cmd nor a sh guru, but I > suspect you can get an rm -rf / into a shell command as well with a bug > in the application. > yes, but it would be a *different* bug. > > > and especially not for the users. Those users would have to adopt > > > the commands and arguments to posix shell, which you can't really > > > expect from them. > > > > > you should consider that about 99% of the commands the user ever > > supplies will look like "foo %f", etc. > > If I recall correctly there %f won't be expanded, right? > hmm? that was a expando as used by printf, the desktop entry standard and whatever else. > Also that 99% are not from the whole userbase, but those that actually > need to provide a shell-thing somewhere, which IMHO is a rather small > number of people (compared to the whole kde/win32 userbase) > right, which is just in favor of my point. :) > > it only becomes a problem if somebody tries to execute complex shell > > constructs. but those able to do that are also able to learn the > > posix equivalents > > Actually I suspect those people that execute really complex shell > constructs on win32 use .bat files and don't try to write that down in > a lineedit... > probably. and it applies almost equally to unix. that's why i suspect nuking setShellCommand and providing proper support for batch files is sufficient. > Hmm, this discussion about the problems being rather > corner-case-situations for people that know their way around the win32 > cmd shell makes me wanting to do solution 1) more and more (i.e. > ignore the problems) > fine, but don't say i didn't warn you. :) btw, does the freeze apply to win-specific parts of kdelibs? -- Hi! I'm a .signature virus! Copy me into your ~/.signature, please! -- Chaos, panic, and disorder - my work here is done. _______________________________________________ Kde-windows mailing list Kde-windows@kde.org https://mail.kde.org/mailman/listinfo/kde-windows