From: root Date: Mon, 9 Jan 2006 02:06:43 +0000 (+0000) Subject: *** empty log message *** X-Git-Url: http://git.openbox.org/?a=commitdiff_plain;h=cf3cbaba6ecab4b81436d5f8801898e6da097efd;p=dana%2Furxvt.git *** empty log message *** --- diff --git a/src/perl/selection-popup b/src/perl/selection-popup index 3233d47f..4d21cb9f 100644 --- a/src/perl/selection-popup +++ b/src/perl/selection-popup @@ -37,6 +37,9 @@ sub on_button_press { for ($text) { $add_button->("rot13" => sub { y/A-Za-z/N-ZA-Mn-za-m/ }); + urxvt::safe + and $add_button->("eval perl expression" => sub { $_ = eval urxvt::untaint $_ }); + /^(\S+):(\d+):?$/ and $add_button->("vi-commands to load '$1'" => sub { s/^(\S+):(\d+):?$/\x1b:e $1\x0d:$2\x0d/ }); diff --git a/src/rxvtperl.xs b/src/rxvtperl.xs index 52d8d8c0..ea65dd50 100644 --- a/src/rxvtperl.xs +++ b/src/rxvtperl.xs @@ -717,6 +717,13 @@ untaint (SV *sv) OUTPUT: RETVAL +bool +safe () + CODE: + RETVAL = !rxvt_tainted (); + OUTPUT: + RETVAL + NV NOW () CODE: diff --git a/src/urxvt.pm b/src/urxvt.pm index 9a31f0ad..19ff7696 100644 --- a/src/urxvt.pm +++ b/src/urxvt.pm @@ -335,6 +335,12 @@ that calls this function. Using this function has the advantage that its output ends up in the correct place, e.g. on stderr of the connecting urxvtc client. +=item $is_safe = urxvt::safe + +Returns true when it is safe to do potentially unsafe things, such as +evaluating perl code specified by the user. This is true when urxvt was +started setuid or setgid. + =item $time = urxvt::NOW Returns the "current time" (as per the event loop).