.desktop security changes are committed

Michael Pyne mpyne at purinchu.net
Mon Feb 23 01:58:45 GMT 2009


On Sunday 22 February 2009, John Tapsell wrote:
> 2009/2/22 Michael Pyne <BALEETED>:
> > "This will start the program '%s'. If you are unsure of the origin, click
> > Cancel."
>
> Could you try to sanitize %s somewhat?  Strip out ' and "  characters,
> cut it to 10 or so characters etc.  Try to make it difficult for
> social engineering through the program name.

Sure, shouldn't be too hard.

Regards,
 - Michael Pyne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090222/287b5d32/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090222/287b5d32/attachment.sig>


More information about the kde-core-devel mailing list