home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Skunkware 5
/
Skunkware 5.iso
/
man
/
cat.n
/
send.n
< prev
next >
Wrap
Text File
|
1995-07-25
|
3KB
|
67 lines
sssseeeennnndddd((((nnnn)))) TTTTkkkk (((( )))) sssseeeennnndddd((((nnnn))))
_________________________________________________________________
NNNNAAAAMMMMEEEE
send - Execute a command in a different interpreter
SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS
sssseeeennnndddd _i_n_t_e_r_p _c_m_d ?_a_r_g _a_r_g ...?
_________________________________________________________________
DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN
This command arranges for _c_m_d (and _a_r_gs) to be executed in
the interpreter named by _i_n_t_e_r_p. It returns the result or
error from that command execution. _I_n_t_e_r_p must be the name
of an interpreter registered on the display associated with
the interpreter in which the command is invoked; it need
not be within the same process or application. If no _a_r_g
arguments are present, then the command to be executed is
contained entirely within the _c_m_d argument. If one or more
_a_r_gs are present, they are concatenated to form the command
to be executed, just as for the eeeevvvvaaaallll Tcl command.
SSSSEEEECCCCUUUURRRRIIIITTTTYYYY
The sssseeeennnndddd command is potentially a serious security loophole, |
since any application that can connect to your X server can |
send scripts to your applications. These incoming scripts |
can use Tcl to read and write your files and invoke |
subprocesses under your name. Host-based access control |
such as that provided by xxxxhhhhoooosssstttt is particularly insecure, |
since it allows anyone with an account on particular hosts |
to connect to your server, and if disabled it allows anyone |
anywhere to connect to your server. In order to provide at |
least a small amount of security, Tk checks the access |
control being used by the server and rejects incoming sends |
unless (a) xxxxhhhhoooosssstttt-style access control is enabled (i.e. only |
certain hosts can establish connections) and (b) the list of |
enabled hosts is empty. This means that applications cannot |
connect to your server unless they use some other form of |
authorization such as that provide by xxxxaaaauuuutttthhhh.
KKKKEEEEYYYYWWWWOOOORRRRDDDDSSSS
interpreter, remote execution, security, send
Page 1 (printed 7/23/95)