patch 8.1.0881: can execute shell commands in rvim through interfaces
Problem: Can execute shell commands in rvim through interfaces.
Solution: Disable using interfaces in restricted mode. Allow for writing
file with writefile(), histadd() and a few others.
diff --git a/src/ex_docmd.c b/src/ex_docmd.c
index b90ea7b..ccca2f9 100644
--- a/src/ex_docmd.c
+++ b/src/ex_docmd.c
@@ -2007,11 +2007,16 @@
#ifdef HAVE_SANDBOX
if (sandbox != 0 && !(ea.argt & SBOXOK))
{
- /* Command not allowed in sandbox. */
+ // Command not allowed in sandbox.
errormsg = _(e_sandbox);
goto doend;
}
#endif
+ if (restricted != 0 && (ea.argt & RESTRICT))
+ {
+ errormsg = _("E981: Command not allowed in rvim");
+ goto doend;
+ }
if (!curbuf->b_p_ma && (ea.argt & MODIFY))
{
/* Command not allowed in non-'modifiable' buffer */