mirror of
https://github.com/kovidgoyal/kitty
synced 2026-07-07 17:43:53 +02:00
kitty +open: Ask for permission before executing script files that are not marked as executable
This prevents accidental execution of script files via MIME type association from programs that unconditionally "open" attachments/downloaded files via MIME type associations.
This commit is contained in:
@@ -94,6 +94,7 @@ def edit(args: List[str]) -> None:
|
||||
|
||||
|
||||
def shebang(args: List[str]) -> None:
|
||||
from kitty.constants import kitten_exe
|
||||
script_path = args[1]
|
||||
cmd = args[2:]
|
||||
if cmd == ['__ext__']:
|
||||
@@ -111,7 +112,7 @@ def shebang(args: List[str]) -> None:
|
||||
cmd = line.split(' ')
|
||||
else:
|
||||
cmd = line.split(' ', maxsplit=1)
|
||||
os.execvp(cmd[0], cmd + [script_path])
|
||||
os.execvp(kitten_exe(), ['kitten', '__confirm_and_run_shebang__'] + cmd + [script_path])
|
||||
|
||||
|
||||
def run_kitten(args: List[str]) -> None:
|
||||
|
||||
Reference in New Issue
Block a user