diff options
author | markt <markt> | 2007-07-03 22:56:46 (GMT) |
---|---|---|
committer | markt <markt> | 2007-07-03 22:56:46 (GMT) |
commit | ae3c30423925960fe70262d1d7e4079b73531c37 (patch) | |
tree | 5fed3c090d9fd1af3833cfd6e81828781373e7be /src/FbCommandFactory.cc | |
parent | 823ce0d0175b9b14a549117a303cc9e36e81c1a2 (diff) | |
download | fluxbox-ae3c30423925960fe70262d1d7e4079b73531c37.zip fluxbox-ae3c30423925960fe70262d1d7e4079b73531c37.tar.bz2 |
some security fixes for fluxbox-remote, and a minor change for the gvim fix
Diffstat (limited to 'src/FbCommandFactory.cc')
-rw-r--r-- | src/FbCommandFactory.cc | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/src/FbCommandFactory.cc b/src/FbCommandFactory.cc index 1382c89..0257374 100644 --- a/src/FbCommandFactory.cc +++ b/src/FbCommandFactory.cc | |||
@@ -173,12 +173,12 @@ FbCommandFactory::FbCommandFactory() { | |||
173 | } | 173 | } |
174 | 174 | ||
175 | FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | 175 | FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, |
176 | const std::string &arguments) { | 176 | const std::string &arguments, bool trusted) { |
177 | using namespace FbCommands; | 177 | using namespace FbCommands; |
178 | // | 178 | // |
179 | // WM commands | 179 | // WM commands |
180 | // | 180 | // |
181 | if (command == "restart") | 181 | if (command == "restart" && trusted) |
182 | return new RestartFluxboxCmd(arguments); | 182 | return new RestartFluxboxCmd(arguments); |
183 | else if (command == "reconfigure" || command == "reconfig") | 183 | else if (command == "reconfigure" || command == "reconfig") |
184 | return new ReconfigureFluxboxCmd(); | 184 | return new ReconfigureFluxboxCmd(); |
@@ -190,11 +190,12 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
190 | return new KeyModeCmd(arguments); | 190 | return new KeyModeCmd(arguments); |
191 | else if (command == "saverc") | 191 | else if (command == "saverc") |
192 | return new SaveResources(); | 192 | return new SaveResources(); |
193 | else if (command == "execcommand" || command == "execute" || command == "exec") | 193 | else if (command == "execcommand" || command == "execute" || command == "exec") { |
194 | if (!trusted) return 0; | ||
194 | return new ExecuteCmd(arguments); // execute command on key screen | 195 | return new ExecuteCmd(arguments); // execute command on key screen |
195 | else if (command == "exit" || command == "quit") | 196 | } else if (command == "exit" || command == "quit") |
196 | return new ExitFluxboxCmd(); | 197 | return new ExitFluxboxCmd(); |
197 | else if (command == "setenv" || command == "export") { | 198 | else if ((command == "setenv" || command == "export") && trusted) { |
198 | 199 | ||
199 | string name = arguments; | 200 | string name = arguments; |
200 | FbTk::StringUtil::removeFirstWhitespace(name); | 201 | FbTk::StringUtil::removeFirstWhitespace(name); |
@@ -216,9 +217,9 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
216 | } | 217 | } |
217 | else if (command == "commanddialog") // run specified fluxbox command | 218 | else if (command == "commanddialog") // run specified fluxbox command |
218 | return new CommandDialogCmd(); | 219 | return new CommandDialogCmd(); |
219 | else if (command == "bindkey") | 220 | else if (command == "bindkey" && trusted) |
220 | return new BindKeyCmd(arguments); | 221 | return new BindKeyCmd(arguments); |
221 | else if (command == "setresourcevalue") { | 222 | else if (command == "setresourcevalue" && trusted) { |
222 | // we need to parse arguments as: | 223 | // we need to parse arguments as: |
223 | // <remove whitespace here><resname><one whitespace><value> | 224 | // <remove whitespace here><resname><one whitespace><value> |
224 | string name = arguments; | 225 | string name = arguments; |
@@ -517,7 +518,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
517 | } | 518 | } |
518 | c= FbTk::StringUtil::toLower(cmd); | 519 | c= FbTk::StringUtil::toLower(cmd); |
519 | 520 | ||
520 | FbTk::Command* fbcmd= stringToCommand(c,a); | 521 | FbTk::Command* fbcmd= stringToCommand(c,a,trusted); |
521 | if (fbcmd) { | 522 | if (fbcmd) { |
522 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); | 523 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); |
523 | macro->add(rfbcmd); | 524 | macro->add(rfbcmd); |
@@ -554,7 +555,7 @@ FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, | |||
554 | } | 555 | } |
555 | c= FbTk::StringUtil::toLower(cmd); | 556 | c= FbTk::StringUtil::toLower(cmd); |
556 | 557 | ||
557 | FbTk::Command* fbcmd= stringToCommand(c,a); | 558 | FbTk::Command* fbcmd= stringToCommand(c,a,trusted); |
558 | if (fbcmd) { | 559 | if (fbcmd) { |
559 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); | 560 | FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); |
560 | macro->add(rfbcmd); | 561 | macro->add(rfbcmd); |