[Portland-bugs] [Bug 66670] xdg-open: command injection vulnerability
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Wed Jan 21 15:45:29 PST 2015
https://bugs.freedesktop.org/show_bug.cgi?id=66670
--- Comment #18 from Rex Dieter <rdieter at math.unl.edu> ---
fWiw, I get:
$ DE="generic" XDG_CURRENT_DESKTOP="" xdg-open 'http://127.0.0.1/$(xterm)
START /usr/bin/google-chrome-stable http://127.0.0.1/$(xterm)
With a browser window with url: http://127.0.0.1/$(xterm)
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/portland-bugs/attachments/20150121/1ebb737e/attachment.html>
More information about the Portland-bugs
mailing list