Extend commandentry to hold the number of args. When launching the command a dialog is shown with a text input for each command. The list of args is then sent in the packet
Details
Diff Detail
- Repository
- R225 KDE Connect - Android application
- Branch
- commandargs
- Lint
No Linters Available - Unit
No Unit Test Coverage - Build Status
Buildable 3401 Build 3419: arc lint + arc unit
It's useful when you have commands that you run often, but with varying parameters. Like "sudo pacman -S $packet". I don't know why you would want to install packets from the phone, but there are other commands where this will be more useful
There is a problem with injection-type attacks
For instance, I have created the command: "touch %1" (just to test)
I can run the command with the argument "/tmp/test" and I see the file /tmp/test -- Good!
I can then run the command with the argument "/tmp/test2; rm /tmp/test". I see the file /tmp/test2, but /tmp/test has been deleted -- Not good!
In case the point isn't clear, this allows arbitrary command execution from a compromised handset by sticking whatever you want into a command argument. Of course, any checking should be on the desktop side.