[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-windows
Subject:    Re: KShell & KMacroExpander - are we screwed?
From:       Oswald Buddenhagen <ossi () kde ! org>
Date:       2007-10-15 9:02:29
Message-ID: 20071015090229.GA3865 () ugly ! local
[Download RAW message or body]

On Mon, Oct 15, 2007 at 03:27:08AM +0200, Andreas Pakulat wrote:
> On 15.10.07 01:09:15, Oswald Buddenhagen wrote:
> > - you might not need to crack the system to change the env. the
> >   application might contain some bug that prods it into setenv()ing
> >   something silly.
> 
> Well, a broken app can do all sorts of things, including rm -rf ~/Mail
> when you switch the folder ;) I'm neither a cmd nor a sh guru, but I
> suspect you can get an rm -rf / into a shell command as well with a bug
> in the application.
> 
yes, but it would be a *different* bug.

> > > and especially not for the users. Those users would have to adopt
> > > the commands and arguments to posix shell, which you can't really
> > > expect from them.
> > > 
> > you should consider that about 99% of the commands the user ever
> > supplies will look like "foo %f", etc.
> 
> If I recall correctly there %f won't be expanded, right?
>
hmm? that was a expando as used by printf, the desktop entry standard
and whatever else.

> Also that 99% are not from the whole userbase, but those that actually
> need to provide a shell-thing somewhere, which IMHO is a rather small
> number of people (compared to the whole kde/win32 userbase)
> 
right, which is just in favor of my point. :)

> > it only becomes a problem if somebody tries to execute complex shell
> > constructs. but those able to do that are also able to learn the
> > posix equivalents
> 
> Actually I suspect those people that execute really complex shell
> constructs on win32 use .bat files and don't try to write that down in
> a lineedit...
> 
probably. and it applies almost equally to unix. that's why i suspect
nuking setShellCommand and providing proper support for batch files is
sufficient.

> Hmm, this discussion about the problems being rather
> corner-case-situations for people that know their way around the win32
> cmd shell makes me wanting to do solution 1) more and more (i.e.
> ignore the problems)
> 
fine, but don't say i didn't warn you. :)

btw, does the freeze apply to win-specific parts of kdelibs?

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
_______________________________________________
Kde-windows mailing list
Kde-windows@kde.org
https://mail.kde.org/mailman/listinfo/kde-windows
[prev in list] [next in list] [prev in thread] [next in thread]