[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: unquote?
- From: David Given <dg@...>
- Date: Tue, 04 Oct 2011 22:56:02 +0100
On 04/10/11 22:50, Petite Abeille wrote:
> The content of the string could be anything. I would rather not execute it. Just unquote it.
The content of the string is guaranteed to be a *string* --- that's part
of what %q is for. Commands can't escape from %q, so you don't have to
worry about arbitrary code execution.
┌─── ｄｇ＠ｃｏｗｌａｒｋ．ｃｏｍ ───── http://www.cowlark.com ─────
│ "Under communism, man exploits man. Under capitalism, it's just the
│ opposite." --- John Kenneth Galbrith
Description: OpenPGP digital signature