On 20/08/08 06:51, Jan Minář wrote:
[...]
> Opening the following URL using the K command will launch the
> xclock(1x) program:
>
>      http://www.google.co.uk/search?q=&xclock&;

Pasting this into the SeaMonkey location bar opens a Google page. 
Hitting K on it in gvim with 'keywordprg' set to "seamonkey" invokes 
":!seamonkey http" which gives a page from the site http://www.http.com/ 
In neither case do I see any xclock process, even though the program is 
in my $PATH.

>
> But, of course, it's much worse:  Since the URL is inside a buffer, we
> can assume the whole of the buffer can be controlled by the attacker.
> They can use a modeline to set 'iskeyword' to contain any characters
> needed for a particular shell command:
>
>      /* We use an obscure glibc function -- check out the man page! */
>      clockface = (xclock&)pwnme(a, b, x + y);
>      [...]
>      /* vim:iskeyword:a-z,&,),(: */

Error detected while processing modelines
line   4:
E518: Unknown option: a-z,&,),(


Hitting K on line 2 (with 'keywordprg' still set to "seamonkey") gives 
":!seamonkey clockface" which for some reason loads the page 
http://www.apple.com/

>
> Cheers,
> Jan.

Best regards,
Tony.
-- 
Dear Miss Manners:
        My home economics teacher says that one must never place one's
elbows on the table.  However, I have read that one elbow, in between
courses, is all right.  Which is correct?

Gentle Reader:
        For the purpose of answering examinations in your home
economics class, your teacher is correct.  Catching on to this
principle of education may be of even greater importance to you now
than learning correct current table manners, vital as Miss Manners
believes that is.

--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
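The mechanism under discussion (K takes the keyword under the cursor, delimited by 'iskeyword', and runs it as ":!keywordprg word") as a small model in Python. This is an added example for the thread, not Vim's code and not from either poster: parse_iskeyword() is a simplified reimplementation of the 'iskeyword' grammar (comma-separated single characters, character numbers, ranges such as a-z or 48-57, "@" for alphabetic characters, "^" to exclude), the two buffer lines are constructed from the messages above, and 'keywordprg' is "seamonkey" as in the reply. The model does no shell quoting, matching the ":!seamonkey http" and ":!seamonkey clockface" commands reported above; the quote=True variant shows the argument single-quoted the way Vim's shellescape() would produce it.

```python
import shlex

# Vim's default 'iskeyword' on Unix: letters, digits, '_', and chars 192-255.
DEFAULT_ISKEYWORD = "@,48-57,_,192-255"

# The value Jan's modeline tries to set (assumption: the modeline syntax
# error seen in the reply is ignored here; we take the intended value).
JAN_ISKEYWORD = "a-z,&,),("

# Constructed sample buffer lines, copied from the quoted message.
URL_LINE = "     http://www.google.co.uk/search?q=&xclock&;"
C_LINE = "     clockface = (xclock&)pwnme(a, b, x + y);"


def _endpoint(s: str) -> int:
    """Range endpoint: a decimal number is a character code, else the char."""
    return int(s) if s.isdigit() else ord(s)


def parse_iskeyword(spec: str) -> set:
    """Return the set of characters an 'iskeyword' value makes keyword chars.

    Simplified model of Vim's grammar: items separated by ',', each being
    '@' (alphabetic), '@-@' (a literal '@'), '-' (a literal '-'), a single
    character, a character number, or a range 'lo-hi'.  A leading '^'
    removes the item's characters instead of adding them.
    """
    chars = set()
    for item in spec.split(","):
        if not item:
            continue
        exclude = len(item) > 1 and item[0] == "^"
        if exclude:
            item = item[1:]
        if item == "@":
            members = {chr(c) for c in range(256) if chr(c).isalpha()}
        elif item == "@-@":
            members = {"@"}
        elif item == "-":
            members = {"-"}
        else:
            lo, sep, hi = item.partition("-")
            if sep and lo and hi:
                members = {chr(c) for c in range(_endpoint(lo), _endpoint(hi) + 1)}
            elif len(item) == 1:
                members = {item}
            elif item.isdigit():
                members = {chr(int(item))}
            else:
                raise ValueError("bad 'iskeyword' item: %r" % item)
        if exclude:
            chars -= members
        else:
            chars |= members
    return chars


def keyword_under_cursor(line: str, col: int, keyword_chars: set) -> str:
    """The word K would pick: the run of keyword chars around the cursor.

    Like Vim, if the cursor is not on a keyword char, the next keyword char
    to the right on the same line is used; an empty string means none.
    """
    n = len(line)
    i = col
    while i < n and line[i] not in keyword_chars:
        i += 1
    if i >= n:
        return ""
    start, end = i, i
    while start > 0 and line[start - 1] in keyword_chars:
        start -= 1
    while end < n and line[end] in keyword_chars:
        end += 1
    return line[start:end]


def build_k_command(keywordprg: str, line: str, col: int,
                    iskeyword: str = DEFAULT_ISKEYWORD, quote: bool = False) -> str:
    """Shell command K would run: keywordprg followed by the keyword.

    quote=False passes the word raw (the behaviour discussed in the thread);
    quote=True single-quotes it, so shell metacharacters stay inert.
    """
    word = keyword_under_cursor(line, col, parse_iskeyword(iskeyword))
    return "%s %s" % (keywordprg, shlex.quote(word) if quote else word)


if __name__ == "__main__":
    col = C_LINE.index("xclock")
    print(build_k_command("seamonkey", URL_LINE, 0))
    print(build_k_command("seamonkey", C_LINE, 0, JAN_ISKEYWORD))
    print(build_k_command("seamonkey", C_LINE, col))
    print(build_k_command("seamonkey", C_LINE, col, JAN_ISKEYWORD))
    print(build_k_command("seamonkey", C_LINE, col, JAN_ISKEYWORD, quote=True))
```

With the default 'iskeyword' the URL line gives "seamonkey http" and the C line gives "seamonkey clockface" or "seamonkey xclock", which is what the reply reports: ':' , '&', '(' and ')' are not keyword characters, so the word stops at them. Only when 'iskeyword' really does include '(', '&' and ')' does the word taken from the cursor on "xclock" become "(xclock&)pwnme(a", an argument that a shell would interpret; the quoted form neutralises it.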