I think there is. I think this is a problem with d3lphin, not with kdesu. Kdesu should be able to run arbitrary command-lines, just like sudo can. The problem here is that d3lphin isn't doing proper escaping before passing to kdesu. It should quote the "%u" as well as escaping any instances of ' to \' and " to \".
-- kdesudo+dolphin leads to command execution vulnerability https://bugs.launchpad.net/bugs/163417 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
