Add toggle for unsafe paste #798
Conversation
|
This is pretty much this. My apologies - @jeremypw pretty much mentioned there was no official supported mean to toggle it back, and for once i thought it was easy enough to offer. I am quite new to all this, and not so sure about the lint - I only touched the one file.
|
|
Code looks good! To be picky, the unsafe dialog also now appears with "doas" in the command and (will) also work with dropped text so a more general description would be something like |
|
Valid nitpick. Would "inserting" work instead of "pasting or dropping" ? It isnt typed manually but "inserted" "Show a warning dialog when inserting administration commands or multiple commands at once" |
src/Widgets/SettingsPopover.vala
Outdated
| @@ -113,6 +113,11 @@ public sealed class Terminal.SettingsPopover : Gtk.Popover { | |||
| active = Application.settings.get_boolean ("natural-copy-paste") | |||
| }; | |||
|
|
|||
| var unsafe_paste_alert_button = new Granite.SwitchModelButton (_("Unsafe Paste Alert")) { | |||
| description = _("Show a warning dialog when pasting a command with 'sudo' or multiple lines"), | |||
There was a problem hiding this comment.
maybe something like this? I don’t think we need to say “dialog”. Since there’s multiple ways to enter text from somewhere else, maybe we focus on the copying instead of the pasting/dragging. And the kind of person who needs this probably doesn’t understand what “sudo” or “doas” means so try to use language they would understand. Not sure if “administrative” or “advanced” or something else is better here. Might need to look at language from like Polkit agent or something else to see what we usually use here
| description = _("Show a warning dialog when pasting a command with 'sudo' or multiple lines"), | |
| description = _("Warn when pasted text contains administrative commands or multiple lines"), |
There was a problem hiding this comment.
Agree about "dialog". "Copied text" is a bit ambiguous as you can also copy from the terminal. Again not sure what "advanced" means in this context (and what it might be translated to). It is difficult to be precise, unambiguous and succinct all at the same time!
There was a problem hiding this comment.
Okay updated my suggestion to use "administrative commands" and stick to "paste" here
There was a problem hiding this comment.
"Warn when pasted text contains multiple or administrative commands"
short. May be of the vague.
There was a problem hiding this comment.
I think that is good - short and clear!
There was a problem hiding this comment.
I think that's pretty good. In combination with seeing/interacting with the actual warning dialog I think folks should be able to work out what this setting refers to
There was a problem hiding this comment.
Yes. By default it is "on". So if they disable it, theyll likely have already interacted with it in the past and connected the dots with the dialog and pasting "doas"
(unrelated but does it also react to Wget outputted to bash ? Ive seen too "oh heres a one liner to download and run this script that fixes your problem")
There was a problem hiding this comment.
At present it just looks for the words "sudo" or "doas" so it is pretty dumb. Maybe raise an issue if you feel there is a further security threat not covered.
"Inserting" was my first choice but I was worried that the reader might think the dialog would appear when entering administrative commands by typing as well. Its probably OK together with TRANSLATORS note to make it clear that it only means pasting or dropping. |
|
I think it would be better to use "paste" than "insert" personally. A dnd operation could still be considered a "paste" but I think "insert" implies typing would also trigger it |
|
"Administrative commands" could be good. I kinda like that! Seems concise but clear |
|
Another possibility is to use the word "privileged". |
"Warn when pasted text contains multiple or administrative commands"
|
My first Pull Request :') (sorry i know adding a toggle is the easiest thing in the world but i am proud) |
No description provided.