| Sign In/My Account | View Cart |
Article:  |
Build a Dashboard Widget | |
| Subject: | Isn't that a bit dangerous? | |
| Date: | 2005-05-07 01:55:30 | |
| From: | KerryB | |
var commandLine =
|
||
Showing messages 1 through 4 of 4.
-
Isn't that a bit dangerous?
2005-05-09 09:32:39 heyotwell [View]
-
Isn't that a bit dangerous?
2005-05-07 05:15:01 Andrew Anderson | [View]
I guess it is dangerous, but it is no more dangerous than the user entering "rm -rf $HOME" in a command shell.
Trapping for ";" would make it so a user could not run malicious programs, but since this Widget does not connect to the Internet and is run exclusively from the local machine by local users, the danger is no more than the same command being issued from the command-line.
Do not get me wrong though, your point is excellent. This Widget happens not to connect to the Internet and does not do anything nefarious. As Widget's proliferate, the possibility of downloading one that does something bad will be pretty high. The good news is that we will have the source code to review, the bad news is we will have to review it. In other words "Downloader beware".
-
Isn't that a bit dangerous?
2005-05-07 04:57:55 SanjayW [View]
What prevents the user from typing the same command on Terminal? I guess the point is moot. -
Isn't that a bit dangerous?
2005-05-07 12:59:27 KerryB [View]
What prevents the user from typing the same command on Terminal? I guess the point is moot.
Yeah, I realised that after posting. I guess I've been spending too much time writing server side code!
| Privacy Policy > View Sample Newsletter > |
800-889-8969 or 707-827-7019 Monday-Friday 7:30am-5pm PT ©2011, O'Reilly Media, Inc. All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. |
|
More importantly, what prevents a *widget* from simply running that code on its own?