Mercurial > vim
diff runtime/doc/starting.txt @ 15748:93b78c4a7cd5 v8.1.0881
patch 8.1.0881: can execute shell commands in rvim through interfaces
commit https://github.com/vim/vim/commit/8c62a08faf89663e5633dc5036cd8695c80f1075
Author: Bram Moolenaar <Bram@vim.org>
Date: Fri Feb 8 14:34:10 2019 +0100
patch 8.1.0881: can execute shell commands in rvim through interfaces
Problem: Can execute shell commands in rvim through interfaces.
Solution: Disable using interfaces in restricted mode. Allow for writing
file with writefile(), histadd() and a few others.
author | Bram Moolenaar <Bram@vim.org> |
---|---|
date | Fri, 08 Feb 2019 14:45:07 +0100 |
parents | f8b0f1e42f2c |
children | a6ca8cf07a98 |
line wrap: on
line diff
--- a/runtime/doc/starting.txt +++ b/runtime/doc/starting.txt @@ -248,12 +248,18 @@ a slash. Thus "-R" means recovery and " changes and writing. {not in Vi} - *-Z* *restricted-mode* *E145* + *-Z* *restricted-mode* *E145* *E981* -Z Restricted mode. All commands that make use of an external shell are disabled. This includes suspending with CTRL-Z, - ":sh", filtering, the system() function, backtick expansion, - delete(), rename(), mkdir(), writefile(), libcall(), - job_start(), etc. + ":sh", filtering, the system() function, backtick expansion + and libcall(). + Also disallowed are delete(), rename(), mkdir(), job_start(), + etc. + Interfaces, such as Python, Ruby and Lua, are also disabled, + since they could be used to execute shell commands. Perl uses + the Safe module. + Note that the user may still find a loophole to execute a + shell command, it has only been made difficult. {not in Vi} *-g*