Aw: Re: New panel in trunk
Don Christensen
djc at cisco.com
Fri Oct 14 23:53:28 CEST 2005
Jasper Huijsmans wrote:
> Fabian Nowak schreef:
>
>>launcher: ~ is not evaluated, this means executing ~/bin/someappstarter
>>does not work, ~ has to be replaced manually.
>
>
> Yeah. The panel is not a shell. If we want this, it is probably easier
> to execute everything with /bin/sh.
It's also the easiest way to introduce security holes. You would be
better off just handling a few key things like maybe "~" and ENV var
expansion (without backtick evaluation, of course). You might be
able to snarf code from bash or somewhere--the beauty of open source,
right?
-Don
--
Don Christensen Senior Software Development Engineer
djc at cisco.com Cisco Systems, Santa Cruz, CA
"It was a new day yesterday, but it's an old day now."
More information about the Xfce4-dev
mailing list