Dollar expansion (Was: Registry editor)
Oswald Buddenhagen
ossi at kde.org
Sun Apr 28 15:48:51 BST 2002
On Sun, Apr 28, 2002 at 04:18:21PM +0200, Martijn Klingens wrote:
> Add a [$b] to allow expanding backticks as in
>
> Name[$be]=`grep "^${USER}:" /etc/passwd | cut -d: -f5`
>
> ?
>
i'd prefer the posix shell $(command) syntax. backticks have some nasty
quotation implications.
> Thinking of this a bit more... I think there's a small security issue with
> Waldo's new options.
>
you're paranoid ... :)
> Waldo, suppose a sysadmin put the following in a config file in the
> global $KDEDIR:
>
> Hostname[$ie]=$HOSTNAME
>
why should this be a risk? the user can hurt himself only.
this would be only a problem for setuid programs, but a) a sysadmin
who blindly trust user-supplied data in a setuid program should be
killed and b) kdelibs does not support setuid progs anyway.
greetings
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
The problem with making software idiot-proof is that idiots are so clever.
More information about the kde-core-devel
mailing list