diff options
author | David McLean <gopsychonauts@gmail.com> | 2013-08-11 14:29:18 +1000 |
---|---|---|
committer | David McLean <gopsychonauts@gmail.com> | 2013-08-11 14:29:18 +1000 |
commit | 281a73f0308afb85eea5b4d29422031c06132429 (patch) | |
tree | 7846368c72f7a946e417f960dbe46c8a3bf43d68 /src/Bitmap.hs | |
parent | 99069c2fe2c1af51224ca204c15705d5f7f076fa (diff) | |
download | xmobar-281a73f0308afb85eea5b4d29422031c06132429.tar.gz xmobar-281a73f0308afb85eea5b4d29422031c06132429.tar.bz2 |
Run Coms using runInteractiveProcess, not runInteractiveCommand
The API exposed by Com is command -> [arguments] -> alias -> timeout -> Com.
Since the command and arguments are separated like this, one would assume that
the command is run "safely": The arguments are already separated in the arg
list, so the command should be run without passing through a shell, which
ensures that stray shell metacharacters in the arguments don't mess up
anything.
However, previous versions simply joined the command with its arguments into
one string and then passed that string into a shell to run. This is
counter-intuitive given the seemingly "safe" API exposed by Com, so using
runInteractiveProcess instead is the correct implementation.
Note that users may still run commands that need shells by being explicit about
it, like this:
Run Com "/bin/bash" ["-c", "command | nextCommand & parallelCommand"] 60
Diffstat (limited to 'src/Bitmap.hs')
0 files changed, 0 insertions, 0 deletions