KDE 3.1: delayed
Wolfgang.Mueller2 at uni-bayreuth.de
Fri Dec 6 08:06:36 GMT 2002
> The idea is that you must properly quote program arguments before passing
> them to a shell if you want to rule out the possibility that they are being
> interpreted as shell commands themselves.
So will there be some kind of KSafePopen class for KDE (I mean a class in
which you are using fork, execve and dup instead of popen)? This could be
kool for lazy coders. It would also enforce the safe use of popen, as you
could simply grep all new commits for popen outside comments and reject
patches containing popen.
What do you think about that?
More information about the kde-core-devel