[Konsole-devel] [konsole] [Bug 318524] New: Secure, Flexible and Reviewable way for pasting commands into the terminal

Dimitri Nüscheler dimitri.nuescheler at sunrise.ch
Wed Apr 17 20:32:58 UTC 2013 

https://bugs.kde.org/show_bug.cgi?id=318524

            Bug ID: 318524
           Summary: Secure, Flexible and Reviewable way for pasting
                    commands into the terminal
    Classification: Unclassified
           Product: konsole
           Version: unspecified
          Platform: Debian testing
                OS: Linux
            Status: UNCONFIRMED
          Severity: wishlist
          Priority: NOR
         Component: copy-paste
          Assignee: konsole-devel at kde.org
          Reporter: dimitri.nuescheler at sunrise.ch

It should be possible to configure konsole in a way so it works well together
with online tutorials guiding the user with example commands.

I suggest that konsole allows a way of pasting where line by is inserted into
the shell rather than executing as LF is scanned.

Recommended behaviour:

As the user uses "Paste", the clipboard is appended to an initially empty
konsole-session owned buffer asserting that the last character is LF (append if
none there). If the buffer was empty:
Scan the buffer till the first LF, send that part to shell (LF excluded) and
delete from buffer (LF included). This step is called dequeue.

As the user sends Enter/Return to shell and the buffer is not empty: dequeue -
this should execute the first line and at the same time have the next line sent
to shell, but without the LF so it won't execute immediately.

On user request the buffer is cleared.

This improves security, because the user is able to review a command he copied
from an online tutorial which (if malicious) might contain commands which were
not visible as it was copied. (Secure)

If the command contains parts which should be modified to user needs, the user
is now able to. (Flexible)

After execution of a command, the user is able to review its execution and to
decide whether to proceed. (Reviewable)


Please either add as alternate way of pasting or make copy+paste configurable.
If experience shows that this way of pasting makes more sense for most
use-cases than the todays way, please consider making it the default.

Reproducible: Always

Actual Results:  
The default behaviour today is to send the whole clipboard to shell directly.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the konsole-devel mailing list