[mythtv-commits] Ticket #10677: Safely escape shell arguments
MythTV
noreply at mythtv.org
Tue May 1 18:11:49 UTC 2012
#10677: Safely escape shell arguments
------------------------------+-----------------------------
Reporter: github@… | Owner:
Type: Patch - Bug Fix | Status: closed
Priority: minor | Milestone: unknown
Component: MythTV - General | Version: Master Head
Severity: medium | Resolution: Won't Fix
Keywords: | Ticket locked: 0
------------------------------+-----------------------------
Changes (by wagnerrp):
* status: new => closed
* resolution: => Won't Fix
* milestone: => unknown
Comment:
I'm going to close this one as better shell escaping implies running
commands through a shell. Better to do internal expansion of the commands
and leave external shells completely out of the equation. The MythSystem
class supports this type of operation when the user supplies the command
as a QStringList, but does not yet have a lexical parser if the user
supplies it as a QString. It's something on my list of TODOs, but is
going to require a bit of additional work if it is going to support the
setting of environmental variables, IO piping, and other command line
syntax needed to be handled if it is to be a drop-in replacement for cases
where the user provides a full command string that is run unmodified.
--
Ticket URL: <http://code.mythtv.org/trac/ticket/10677#comment:3>
MythTV <http://code.mythtv.org/trac>
MythTV Media Center
More information about the mythtv-commits
mailing list