On Wed, May 28, 2003 at 07:02:47PM -0700, T. Alexander Popiel wrote: > In message: <[EMAIL PROTECTED]> > Pavel Roskin <[EMAIL PROTECTED]> writes: > >On Wed, 28 May 2003, T. Alexander Popiel wrote: > > > >> A quick grep of the source for XFetchName shows that yes, > >> there is a command (in command.c) to fetch the window title. > > > >There _was_ a command. > > Ah, the joys of working from a source tree that's just over > a year old. ;-) Sorry for the misinformation. > ... but as I'm using version 2.6.2 still it does work for me! :-)
I had read the security warnings regarding this ability when I tried a Google search for the escape sequence, I didn't actually find the escape sequence though. I'm still not quite sure about the security issues. Why is it more likely that a rogue application will put something nasty in the window title and then uses this escape sequence to output it (and hopefully fool the user into executing it) than doing the same directly without going via the title? -- Chris Green ([EMAIL PROTECTED])
