• Marco Martin's avatar
    Make sure device paths are quoted · f32002ce
    Marco Martin authored
    in the case a vfat removable device has $() or `` in its label,
    such as $(touch foo) the quoted command may get executed,
    leaving an attack vector. Use KMacroExpander::expandMacrosShellQuote
    to make sure everything is quoted and not interpreted as a command
    
    BUG:389815
    f32002ce
deviceserviceaction.cpp 4.57 KB