File: send.html

package info (click to toggle)
gcl 2.6.14-21
  • links: PTS
  • area: main
  • in suites: forky, sid
  • size: 60,864 kB
  • sloc: ansic: 177,407; lisp: 151,509; asm: 128,169; sh: 22,510; cpp: 11,923; tcl: 3,181; perl: 2,930; makefile: 2,360; sed: 334; yacc: 226; lex: 95; awk: 30; fortran: 24; csh: 23
file content (96 lines) | stat: -rw-r--r-- 4,323 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
 
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- Created by GNU Texinfo 6.7, http://www.gnu.org/software/texinfo/ -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>send (GCL TK Manual)</title>

<meta name="description" content="send (GCL TK Manual)">
<meta name="keywords" content="send (GCL TK Manual)">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="Generator" content="makeinfo">
<link href="index.html" rel="start" title="Top">
<link href="wm.html#SEC_Contents" rel="contents" title="Table of Contents">
<link href="Control.html" rel="up" title="Control">
<link href="tk.html" rel="next" title="tk">
<link href="selection.html" rel="prev" title="selection">
<style type="text/css">
<!--
a.summary-letter {text-decoration: none}
blockquote.indentedblock {margin-right: 0em}
div.display {margin-left: 3.2em}
div.example {margin-left: 3.2em}
div.lisp {margin-left: 3.2em}
kbd {font-style: oblique}
pre.display {font-family: inherit}
pre.format {font-family: inherit}
pre.menu-comment {font-family: serif}
pre.menu-preformatted {font-family: serif}
span.nolinebreak {white-space: nowrap}
span.roman {font-family: initial; font-weight: normal}
span.sansserif {font-family: sans-serif; font-weight: normal}
ul.no-bullet {list-style: none}
-->
</style>


</head>

<body lang="en">
<span id="send"></span><div class="header">
<p>
Next: <a href="tk.html" accesskey="n" rel="next">tk</a>, Previous: <a href="selection.html" accesskey="p" rel="prev">selection</a>, Up: <a href="Control.html" accesskey="u" rel="up">Control</a> &nbsp; [<a href="wm.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>]</p>
</div>
<hr>
<span id="send-1"></span><h3 class="section">3.18 send</h3>

<p>send \- Execute a command in a different interpreter
</p><span id="Synopsis-31"></span><h4 class="unnumberedsubsec">Synopsis</h4>
<p><b>send </b><i>interp cmd </i><span class="roman">?</span><i>arg arg ...</i>?
</p>
<span id="Description-29"></span><h4 class="unnumberedsubsec">Description</h4>

<p>This command arranges for <i>cmd</i><span class="roman"> (and </span><i>arg</i>s) to be executed in the
interpreter named by <i>interp</i>.  It returns the result or
error from that command execution.  <i>Interp</i> must be the
name of an interpreter registered on the display associated with
the interpreter in which the command is invoked;  it need not
be within the same process or application.  If no <i>arg</i>
arguments are present, then the command to be executed is
contained entirely within the <i>cmd</i> argument.  If one or
more <i>arg</i>s are present, they are concatenated to form the
command to be executed, just as for the <b>eval</b> Tcl command.
</p>
<span id="Security"></span><h4 class="unnumberedsubsec">Security</h4>

<p>The <b>send</b> command is potentially a serious security loophole,
since any application that can connect to your X server can send
scripts to your applications.
These incoming scripts can use Tcl to read and
write your files and invoke subprocesses under your name.
Host-based access control such as that provided by <b>xhost</b>
is particularly insecure, since it allows anyone with an account
on particular hosts to connect to your server, and if disabled it
allows anyone anywhere to connect to your server.
In order to provide at least a small amount of
security, Tk checks the access control being used by the server
and rejects incoming sends unless (a) <b>xhost</b>-style access control
is enabled (i.e. only certain hosts can establish connections) and (b) the
list of enabled hosts is empty.
This means that applications cannot connect to your server unless
they use some other form of authorization
such as that provide by <b>xauth</b>.
</p>
<span id="Keywords-32"></span><h4 class="unnumberedsubsec">Keywords</h4>
<p>interpreter, remote execution, security, send
</p><hr>
<div class="header">
<p>
Next: <a href="tk.html" accesskey="n" rel="next">tk</a>, Previous: <a href="selection.html" accesskey="p" rel="prev">selection</a>, Up: <a href="Control.html" accesskey="u" rel="up">Control</a> &nbsp; [<a href="wm.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>]</p>
</div>



</body>
</html>