IncidenceAttachment: don't allow running executables (!9) · Merge requests · PIM / PIM IncidenceEditor

David Faure requested to merge work/dfaure/setRunExecutables into release/20.12 Dec 12, 2020

This only sounds like a recipe for security issues, with no good use case. Looking at the history in the kde4 kdepim repo is difficult because of rewrites of the class, but it really looks like this was a boolean-trap victim, the initial "true" in runURL() was about 'tempFile', not about 'runExecutables'.

IncidenceAttachment: don't allow running executables

Merge request reports