author | Shawn O. Pearce <spearce@spearce.org> | |
Sun, 9 Sep 2007 03:47:00 +0000 (23:47 -0400) | ||
committer | Shawn O. Pearce <spearce@spearce.org> | |
Sun, 9 Sep 2007 03:47:10 +0000 (23:47 -0400) | ||
commit | cff93397ab185898fd93b6a260cc6f3068c4ac30 | |
tree | 90771c571bc950d86ec3edc1988b0434bc77df69 | tree | snapshot |
parent | 0b883ab30c869c4f22a19e49aedc1604d335cd91 | commit | diff |
git-gui: Disable Tk send in all git-gui sessions
The Tk designers blessed us with the "send" command, which on X11
will allow anyone who can connect to your X server to evaluate any
Tcl code they desire within any running Tk process. This is just
plain nuts. If git-gui wants someone running Tcl code within it
then would ask someone to supply that Tcl code to it; waiting for
someone to drop any random Tcl code into us is not fantastic idea.
By renaming send to the empty name the procedure will be removed
from the global namespace and Tk will stop responding to random Tcl
evaluation requests sent through the X server. Since there is no
facility to filter these requests it is unlikely that we will ever
consider enabling this command.
Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
The Tk designers blessed us with the "send" command, which on X11
will allow anyone who can connect to your X server to evaluate any
Tcl code they desire within any running Tk process. This is just
plain nuts. If git-gui wants someone running Tcl code within it
then would ask someone to supply that Tcl code to it; waiting for
someone to drop any random Tcl code into us is not fantastic idea.
By renaming send to the empty name the procedure will be removed
from the global namespace and Tk will stop responding to random Tcl
evaluation requests sent through the X server. Since there is no
facility to filter these requests it is unlikely that we will ever
consider enabling this command.
Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
git-gui.sh | diff | blob | history |