KDE 3.1: delayed

Waldo Bastian bastian at kde.org
Fri Dec 6 00:27:12 GMT 2002

On Friday 06 December 2002 01:07, Charles Samuels wrote:
> Hash: SHA1
> On Thursday 05 December 2002 3:44, Dirk Mueller wrote:
> > On November 26th, we've been notified by FozZy from the "Hackademy
> > Audit Project" about security problems in KDE.
> I'd like to know, out of curiosity's sake, what this problem actually is.
> Unless there's reason to believe that if you divulge it, people would take
> advantage of it, that is.

The idea is that you must properly quote program arguments before passing them 
to a shell if you want to rule out the possibility that they are being 
interpreted as shell commands themselves.

bastian at kde.org -=|[ SuSE, The Linux Desktop Experts ]|=- bastian at suse.com

More information about the kde-core-devel mailing list