On 2011-08-09 07:00:32 -0400, Thomas Dickey wrote: > It falls into the same category as the other "allow" items - > something where there's a potential for outsiders (e.g., > send-events) to manipulate it.
Not really. Events sent by process output to the terminal should be disabled, whether or not the run-command is implemented. As I've said, a middle-click (which does a paste) is already dangerous enough. What I'm saying is that Meta <Btn1Up>: run-command(...) wouldn't be more dangerous than the standard ~Ctrl ~Meta <Btn2Up>: insert-selection(SELECT, CUT_BUFFER0) if the command itself doesn't contain a security hole. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <http://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / Arénaire project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110809123455.gg8...@xvii.vinc17.org
