One genuine problem was the you could send snippets of code to any Tcl/Tk progra... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

rwmj 3 months ago | parent | context | favorite | on: Tcl the Misunderstood (2006)

One genuine problem was the you could send snippets of code to any Tcl/Tk program running on the same X server and it would execute them. Obviously X isn't the most secure of systems and you should trust your X clients, but this made it very easy if you could persuade someone to run a "command line" program. I wonder if that was fixed?

cmacleod4 3 months ago [–]

This is something to be aware of. It can be guarded against, see https://www.tcl-lang.org/man/tcl/TkCmd/send.htm#M9 .

rwmj 3 months ago | [–]

To be fair, it is a pretty cool feature.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact