Unintentional command execution … (turned out to be bad testing)
I found this one while testing for something else:
BROWSER="$(notify-send test):xdg-open" xdg-open -- -foo
will make xdg-open error but also execute the notify-send command. This should not be a security issue because when someone can write malicious text to the BROWSER variable, it will be called as a command sooner or later anyway, and the access to the environment variable is the issue then.
MR coming soon™ …
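An added example, not part of the original post: a canary check that separates what the invoking shell expands from what the program under test evaluates. The function names and the canary file are hypothetical, and `true` and the `sh -c 'eval …'` one-liner are constructed stand-ins for a target that ignores `BROWSER` and one that evaluates it.

```shell
#!/bin/sh
# Added example. probe_expanded, probe_literal, report and the canary file are
# hypothetical names; the target programs below are constructed stand-ins.

# Double quotes: the invoking shell runs $(...) while building the
# assignment, before the target is even started.
probe_expanded() {
    dir=$(mktemp -d) || return 2
    env BROWSER="$(touch "$dir/canary"):xdg-open" "$@" >/dev/null 2>&1 || :
    report "$dir"
}

# Single quotes: the target receives the literal text $(touch ...), so the
# canary only appears if the target itself evaluates BROWSER.
probe_literal() {
    dir=$(mktemp -d) || return 2
    payload='$(touch "'"$dir"'/canary"):xdg-open'
    env BROWSER="$payload" "$@" >/dev/null 2>&1 || :
    report "$dir"
}

# Print whether the canary was created, then clean up the scratch directory.
report() {
    if [ -e "$1/canary" ]; then echo executed; else echo not-executed; fi
    rm -rf "$1"
}

probe_expanded true                       # target ignores BROWSER
probe_literal true                        # same target, literal payload
probe_literal sh -c 'eval "x=$BROWSER"'   # target that evaluates BROWSER
```

Only the `probe_literal` result says anything about the target; `probe_expanded` reports `executed` for any program, including one that never reads `BROWSER`.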