[konsole] [Bug 456373] pasted command executes after GUI-app exits
Holger
bugzilla_noreply at kde.org
Mon Jul 11 20:36:04 BST 2022
https://bugs.kde.org/show_bug.cgi?id=456373
--- Comment #2 from Holger <private_lock at yahoo.com> ---
OK, so this bracketed paste shall prevent immediate execution of pasted text.
Pasting into an application like an editor, that does not understand this
protocol, seems to be fine, as it will most likely not execute commands. So
disabling the protection seems reasonable.
As we see, some programs like glxgears ignore console input all together and
only dump a few messages out. That is also unproblematic - still no one is
executing the stuff.
Now, here is the catch: After the program exits, the shell e.g. bash should
re-enable the bracketed paste protocol. How come, they don't wipe out the
buffers and instead run what is left in there? Isn't this still a security
hole?
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the konsole-devel
mailing list