summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/Tk_Init.352
-rw-r--r--doc/keysyms.n4
2 files changed, 49 insertions, 7 deletions
diff --git a/doc/Tk_Init.3 b/doc/Tk_Init.3
index badcbe4..779a9e6 100644
--- a/doc/Tk_Init.3
+++ b/doc/Tk_Init.3
@@ -4,21 +4,23 @@
'\" See the file "license.terms" for information on usage and redistribution
'\" of this file, and for a DISCLAIMER OF ALL WARRANTIES.
'\"
-'\" RCS: @(#) $Id: Tk_Init.3,v 1.2 1998/09/14 18:22:54 stanton Exp $
+'\" RCS: @(#) $Id: Tk_Init.3,v 1.3 2000/04/28 00:46:04 ericm Exp $
'\"
.so man.macros
-.TH Tk_Init 3 4.1 Tk "Tk Library Procedures"
+.TH Tk_Init 3 8.0 Tk "Tk Library Procedures"
.BS
.SH NAME
-Tk_Init \- add Tk to an interpreter and make a new Tk application.
+Tk_Init, Tk_SafeInit \- add Tk to an interpreter and make a new Tk application.
.SH SYNOPSIS
.nf
\fB#include <tk.h>\fR
.sp
int
\fBTk_Init\fR(\fIinterp\fR)
+.sp
+int
+\fBTk_SafeInit\fR(\fIinterp\fR)
.SH ARGUMENTS
-.AS Tcl_Interp *interp
.AP Tcl_Interp *interp in
Interpreter in which to load Tk. Tk should not already be loaded
in this interpreter.
@@ -42,6 +44,46 @@ new Tk application.
The options may have any of the forms documented for the
\fBwish\fR application (in fact, \fBwish\fR uses Tk_Init to process
its command-line arguments).
+.PP
+\fBTk_SafeInit\fR is identical to \fBTk_Init\fR except that it removes
+all Tk commands that are considered unsafe. Those commands and the
+reasons for their exclusion are:
+.TP
+\fBbell\fR
+Continuous ringing of the bell is a nuisance.
+.TP
+\fBclipboard\fR
+A malicious script could replace the contents of the clipboard with
+the string \fB"rm -r *"\fR and lead to surprises when the contents of
+the clipboard are pasted.
+.TP
+\fBgrab\fR
+Grab can be used to block the user from using any other applications.
+.TP
+\fBmenu\fR
+Menus can be used to cover the entire screen and to steal input from
+the user.
+.TP
+\fBselection\fR
+See clipboard.
+.TP
+\fBsend\fR
+Send can be used to cause unsafe interpreters to execute commands.
+.TP
+\fBtk\fR
+The tk command recreates the send command, which is unsafe.
+.TP
+\fBtkwait\fR
+Tkwait can block the containing process forever
+.TP
+\fBtoplevel\fR
+Toplevels can be used to cover the entire screen and to steal input
+from the user.
+.TP
+\fBwm\fR
+If toplevels are ever allowed, wm can be used to remove decorations,
+move windows around, etc.
+.CE
.SH KEYWORDS
-application, initialization, load, main window
+safe, application, initialization, load, main window
diff --git a/doc/keysyms.n b/doc/keysyms.n
index 4dffbce..7c8cfe2 100644
--- a/doc/keysyms.n
+++ b/doc/keysyms.n
@@ -2,7 +2,7 @@
'\" Copyright (c) 1998-2000 by Scriptics Corporation.
'\" All rights reserved.
'\"
-'\" RCS: @(#) $Id: keysyms.n,v 1.1 2000/04/27 18:28:57 ericm Exp $
+'\" RCS: @(#) $Id: keysyms.n,v 1.2 2000/04/28 00:46:04 ericm Exp $
'\"
'\"
.so man.macros
@@ -914,7 +914,7 @@ Hyper_R 65518 0xffee
Delete 65535 0xffff
.CE
-.SH SEE ALSO
+.SH "SEE ALSO"
bind
.SH KEYWORDS