[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: KIOSlave errors an konqueror's handling of them
From:       Hans Meine <hans_meine () gmx ! net>
Date:       2002-01-31 16:28:52
[Download RAW message or body]

Hamish Rodda <meddie@yoyo.cc.monash.edu.au> writes:
> >> Now, is there any way I could include active links to KDE services, such
> >> as control panel options, without being validly criticised for introducing
> >> security concerns?
> >
> >I think there should be no problem, you can simply add a bool that
> > authorizes execution of programs and scripts w/o confirmation, and setting
> > this bool to true in showError().
> 
> Good, this is getting pretty interesting...

..and useful for the user. But be sure to quote external strings
carefully as so. might try to create an exploit with an invalid URL
for example containing malicious HTML fragments.

Hmm, some day we were even talking about an interface for highlighting
widgets (even in other apps) from local HTML files, no?
/me has a new idea..

-- 
Ciao,  /  /
      /--/
     /  / ANS                          .,* Hamburg, Germany *,.
[prev in list] [next in list] [prev in thread] [next in thread]