summaryrefslogtreecommitdiff
path: root/st.h
diff options
context:
space:
mode:
authorHiltjo Posthuma <hiltjo@codemadness.org>2020-05-30 21:56:18 +0200
committerHiltjo Posthuma <hiltjo@codemadness.org>2020-05-30 22:06:15 +0200
commita2a704492b9f4d2408d180f7aeeacf4c789a1d67 (patch)
treedddf8c868f1ef40c017140ed35018c7aef8b64d8 /st.h
parent0f8b40652bca0670f1f0bda069bbc55f8b5e364d (diff)
config.def.h: add an option allowwindowops, by default off (secure)
Similar to the xterm AllowWindowOps option, this is an option to allow or disallow certain (non-interactive) operations that can be insecure or exploited. NOTE: xsettitle() is not guarded by this because st does not support printing the window title. Else this could be exploitable (arbitrary code execution). Similar problems have been found in the past in other terminal emulators. The sequence for base64-encoded clipboard copy is now guarded because it allows a sequence written to the terminal to manipulate the clipboard of the running user non-interactively, for example: printf '\x1b]52;0;ZWNobyBoaQ0=\a'
Diffstat (limited to 'st.h')
-rw-r--r--st.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/st.h b/st.h
index d978458..3d351b6 100644
--- a/st.h
+++ b/st.h
@@ -118,6 +118,7 @@ extern char *stty_args;
extern char *vtiden;
extern wchar_t *worddelimiters;
extern int allowaltscreen;
+extern int allowwindowops;
extern char *termname;
extern unsigned int tabspaces;
extern unsigned int defaultfg;