xterm/xterm-forbid_window_and_font_ops.patch
Petr Cerny 1d46060398 Accepting request 372759 from home:pcerny:factory
- Patch #324 - 2016/03/10
  * updated configure macro CF_LD_RPATH_OPT from ncurses changes.
  * provide alternate fix for Juha Nurmela's report by turning on
    POSIX signals if _POSIX_C_SOURCE is at least one. This is
    done to improve the behavior if a direct child process
    receives a STOP signal.
  * revert change to CF_POSIX_C_SOURCE from patch #323
    (reports by Ashish Shukla, Christian Weisgerber).
- Patch #323 - 2016/03/07
  * updated appdata and desktop files to add keywords (report by
    Richard Hughes).
  * modify configure macro CF_POSIX_C_SOURCE to accommodate some
    systems, e.g., FreeBSD, which have separated their
    implementation specific preprocessor symbols from the POSIX
    ones, requiring both to be defined (report by Juha Nurmela).
  * change the directory to the current working dir of the child
    process in exec-formatted and exec-selectable actions (patch
    by Alexander Pohoyda).
  * correct typo in xterm.man (patch by Larry Hynes).
  * correct typo in ctlseqs.ms (report by Shriramana Sharma).
  * add feature to support XHTML and SVG screen dumps (patch by
    Jens Schweikhardt).
  * correct response to DECRQSS when terminal id is less than 400
    (patch by Iwamoto Kouichi).

OBS-URL: https://build.opensuse.org/request/show/372759
OBS-URL: https://build.opensuse.org/package/show/X11:terminals/xterm?expand=0&rev=138
2016-03-14 11:25:23 +00:00


# forbid dangerous escape sequences (font loading)
diff --git a/XTerm.ad b/XTerm.ad
--- a/XTerm.ad
+++ b/XTerm.ad
@@ -262,16 +262,21 @@
!*faceSize: 8
! Here is a pattern that is useful for double-clicking on a URL:
!*charClass: 33:48,35:48,37-38:48,43-47:48,58:48,61:48,63-64:48,95:48,126:48
!
! Alternatively,
!*on2Clicks: regex [[:alpha:]]+://([[:alnum:]!#+,./=?@_~-]|(%[[:xdigit:]][[:xdigit:]]))+
+! Security: Disallow operations that might allow raw text being pasted to xterm to
+! execute code.
+*allowWindowOps: false
+*allowFontOps: false
+
!! We want a 8bit clean xterm
*eightBitInput: true
*eightBitOutput: true
!! Default Settings
*termName: xterm
*pointerShape: top_left_arrow
*scrollKey: true
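Review bot: The added comment above `*allowWindowOps: false` describes the risk as raw text being pasted to xterm, while the patch description names font loading and the two resources it sets are about window and font operations. Reword the comment so it names what is being switched off, for example `! Security: disable window and font operations requested via control sequences`, and point to the allowWindowOps and allowFontOps entries in xterm.man so a user who loses a feature can find the setting that controls it.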
diff --git a/xterm.man b/xterm.man
--- a/xterm.man
+++ b/xterm.man
@@ -1896,17 +1896,17 @@ The default is \*(``false\*(''.
.TP
.B "allowColorOps (\fPclass\fB AllowColorOps)"
Specifies whether control sequences that set/query the dynamic colors should be allowed.
ANSI colors are unaffected by this resource setting.
The default is \*(``true\*(''.
.TP
.B "allowFontOps (\fPclass\fB AllowFontOps)"
Specifies whether control sequences that set/query the font should be allowed.
-The default is \*(``true\*(''.
+The default is \*(``false\*(''.
.TP 8
.B "allowPasteControls (\fPclass\fB AllowPasteControls)"
If true, allow control characters such as BEL and CAN to be pasted.
Formatting characters (tab, newline) are always allowed.
Other C0 control characters are suppressed unless this resource is enabled.
The exact set of control characters (C0 and C1)
depends upon whether UTF-8 encoding is used,
as well as the \fBallowC1Printable\fP resource.
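Review bot: The changed line under allowFontOps now states that the default is false, but the only functional change visible in this patch is the `*allowFontOps: false` entry in XTerm.ad, so the statement holds only where that app-defaults file is installed and read. Word it as a default set by the shipped app-defaults file rather than as the program's default. The XTerm.ad hunk also sets `*allowWindowOps: false`, and this hunk does not touch an allowWindowOps entry, so check that its documented default agrees with the resource file as well.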