.desktop security changes are committed
Michael Pyne
mpyne at purinchu.net
Mon Feb 23 01:58:45 GMT 2009
On Sunday 22 February 2009, John Tapsell wrote:
> 2009/2/22 Michael Pyne <BALEETED>:
> > "This will start the program '%s'. If you are unsure of the origin, click
> > Cancel."
>
> Could you try to sanitize %s somewhat? Strip out ' and " characters,
> cut it to 10 or so characters etc. Try to make it difficult for
> social engineering through the program name.
Sure, shouldn't be too hard.
Regards,
- Michael Pyne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090222/287b5d32/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090222/287b5d32/attachment.sig>
More information about the kde-core-devel
mailing list