Jan Minář wrote:
> On Wed, Aug 20, 2008 at 4:38 AM, Ben Schmidt
> <[EMAIL PROTECTED]> wrote:
>> the shell. It should be checked that the keyword is properly
>> shell-escaped, too. I can't quickly think of a way to easily exploit
>> this one, so I don't think it's a security risk, but it's definitely
>> a bug.
> 
> This is very much a security bug.  One that allows arbitrary shell
> commands execution.

Without being properly shell-escaped, yes. I hadn't tested that aspect,
and in my mind, my security comment didn't refer to it, but assumed
escaping was done.

In the actual email, the security comment does seem to refer to the
shell escaping...

And in real life it seems the keyword isn't fully escaped, though it
partly is. Wrong type(s) of escaping perhaps.

Ouch.

Ben.



--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
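As an added illustration of the "partly escaped" problem discussed above (this is not code from the thread, from Vim, or from Ben's or Jan's mail): a keyword that is merely double-quoted is protected against word splitting, globbing and `;`/`&`/`|`, but the shell still performs `$(...)`, backtick and `$VAR` expansion inside double quotes, so an arbitrary command still runs. Single-quoting (here via `shlex.quote`) stops every expansion; passing an argv list and skipping the shell entirely avoids the problem altogether. The `partial_escape` function is a constructed stand-in for incomplete escaping, `printf '%s'` is a stand-in for a keywordprg that echoes back what the shell delivered as its argument, and the keyword `$(printf pwned)` is a constructed, harmless payload.

```python
"""Round-trip check for shell escaping of a keyword handed to a shell command.

Added example; not Vim's code and not the thread's. Assumes a POSIX `sh`
and a `printf` binary on PATH.
"""
import shlex
import subprocess

# A harmless constructed payload: if the shell expands it, the argument
# that reaches the program becomes "pwned" instead of the literal text.
PAYLOAD = "$(printf pwned)"


def partial_escape(keyword: str) -> str:
    """Constructed stand-in for incomplete escaping: double-quoting.

    Double quotes stop word splitting, globbing and ; & | < >, but the shell
    still expands $VAR, $(...) and `...` inside "...", so this is not enough.
    """
    return '"' + keyword.replace("\\", "\\\\").replace('"', '\\"') + '"'


def full_escape(keyword: str) -> str:
    """Complete escaping: single-quote the whole word.

    Inside '...' the shell expands nothing; only an embedded ' needs the
    '"'"' dance, which shlex.quote performs.
    """
    return shlex.quote(keyword)


def deliver_via_shell(escaped: str) -> str:
    """Run `printf '%s' <escaped>` through sh -c and return what arrived.

    printf stands in for a keywordprg; its output is exactly the argument the
    shell built after quoting and expansion, so it shows what the program saw.
    """
    cmd = "printf '%s' " + escaped
    proc = subprocess.run(["sh", "-c", cmd], capture_output=True, text=True, check=False)
    return proc.stdout


def deliver_without_shell(keyword: str) -> str:
    """The escaping-free alternative: exec the program with an argv list.

    No shell is involved, so there is nothing to escape and nothing to expand.
    """
    proc = subprocess.run(["printf", "%s", keyword], capture_output=True, text=True, check=False)
    return proc.stdout


def round_trips(escaper, keyword: str) -> bool:
    """True if the program receives the keyword byte-for-byte as typed."""
    return deliver_via_shell(escaper(keyword)) == keyword


if __name__ == "__main__":
    for name, esc in (("partial", partial_escape), ("full", full_escape)):
        print(f"{name:8} {esc(PAYLOAD):24} -> {deliver_via_shell(esc(PAYLOAD))!r}")
    print(f"{'argv':8} {'(no shell)':24} -> {deliver_without_shell(PAYLOAD)!r}")
```

The `round_trips` check is the test a practitioner would run over a corpus of nasty keywords (`$(...)`, backticks, `'`, `"`, `\`, newlines, leading `-`): the only acceptable escaper is the one for which the delivered argument equals the original for every input.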
