[Users] That won't work.

Dave Howorth dave at howorth.org.uk
Tue Oct 13 23:03:29 CEST 2020


On Tue, 13 Oct 2020 22:56:04 +0200
Michael Rasmussen via Users <users at lists.claws-mail.org> wrote:

> On Tue, 13 Oct 2020 21:52:43 +0100
> Dave Howorth <dave at howorth.org.uk> wrote:
> 
> > 
> > I don't think that is the problem here. The problem is that the
> > invoking program (claws) invokes a shell and passes it stringified
> > arguments (presumably prepended by the stringified command).
> >   
> This is exactly the problem I was proposing a solution for. A white
> list will filter away any arguments not allowed.

I expect I'm being dumb, but I don't understand what you're proposing
by 'a white list' in this context?

> Another solution could be borrowing taint/untaint from Perl.

I'm pretty familiar with that facility and again I'm not sure how it
could be made to help?


No chance of actually telling me where the code is then?


More information about the Users mailing list