Re: Creating sub-directories from Script-Fu scripts


 



Quoting Kevin Cozens <kevin@xxxxxxxxx>:

> Um... no. The "system" function was deliberately left out of the portion of
> tsx I included with Script-Fu. Few people would need it and it is just too
> dangerous to have available in all GIMP installs. It would allow creation of
> trojan scripts that could do damage to a computer.
>
> On the other hand, the Perl, Python, and Ruby language bindings can issue
> system commands so malware scripts are already possible but not every GIMP
> install can use those other language bindings "out of the box".
>
> We need to think a little about this before going ahead and enabling a
> function that would allow system calls to be used in scripts that could be
> run on any machine with GIMP.

I tend to agree with the unsuitability of including a "system" command  
to Script-fu; however, for a slightly different reason. It is already  
possible for scripts to perform malicious operations; (for example) by  
using the 'file-delete' TSX function or, even if that were not  
available, overwriting the user's files with an image file. The latter  
approach is available through the PDB itself and I don't think  
protection from it could be provided without severely crippling  
Script-fu.

Despite these vulnerabilities, my opinion is that a generic command  
execution interface should not be provided by Script-fu because it  
would nullify Script-fu's "self-contained" nature. Knowing that any  
Script-fu .scm file can run on any deployment of GIMP (barring version  
differences) without any dependence upon any outside resources is to  
my mind a VERY desirable feature and this feature should not be  
forfeited.

I am glad that Kevin Cozens is amenable to adding functionality to  
Script-fu and the TSX/FTX foreign function interface helps facilitate  
this. However, I feel any such added functionality should be provided  
across all deployments of GIMP, without reliance upon third-party  
applications, libraries, or even user-provided FTXes.

_______________________________________________
Gimp-developer mailing list
Gimp-developer@xxxxxxxxxxxxxxxxxxxxxx
https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer

