id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,mlocked
4647,Make mythbookmarkmanager pass valid command line to myth_system(),amb@…,Isaac Richards,"The mythbookmarkmanager plugin passes an invalid command line to the myth_system() function. There can be unescaped shell characters passed in which then get passed straight to the command line. If a URL is something like http://a.site/path?arg1=1&arg2=2&arg3=3 then the '&' character is not protected from the shell. This patch just fixes the non-security related problems by quoting the '&' and ';' characters. This is not sufficient for a full fix for the problem but it fixes normal usage. A proper fix should go into myth_system() in mythlib/utils.cpp. Unless proven otherwise failure to escape shell characters should be considered a security problem. Any command can be stored in the bookmark by typing it in so this allows for any shell command to be run as the same user as mythbrowser. This is why it is marked as major priority and high severity - feel free to analyse the security implications and downgrade if necessary.",patch,closed,major,0.21,mythbrowser,head,high,fixed,,,0