Re: [Inkscape-devel] Escaping $ in commandline parameters

On Wed, Apr 11, 2007 at 09:56:37AM -0700, Ted Gould wrote:

Okay, the only reason I was curious is because users can install extensions in their home directory and Inkscape will pick them up. They would still have to download it, so I guess the worst case is some sort of trojan horse type thing where a potentially malicious extension is advertised as being really useful.

Sure. But no Inkscape security will stop people from downloading a .inx with <command>rm -rf /</command> in it. :)