Enhance unsafe detection (#800)
Not the cleanest. Can always define "more" dangerous behaviours, depends how much we want to get in the weeds.
I need to learn more Vala.

Contains:
Multiple commands: as one-liners chained with ";", "||", "|", "&&", "&"

Admin commands: run0, su, pkexec, which serve a similar purpose to sudo and doas. "su -" can do a lot too.
Add a space to avoid a false flag if, say, it is a word like "visual" that has "su" in it. A command needs a space after it.

Co-authored-by: Jeremy Wootten <jeremywootten@gmail.com>
teamcons and jeremypw authored Dec 6, 2024
1 parent c5cfbcd commit e1a34f7
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions src/Widgets/TerminalWidget.vala
Expand Up @@ -536,10 +536,11 @@ namespace Terminal {
return;
}


string? warn_text = null;
if ("\n" in text) {
if ("\n" in text || "&" in text || "|" in text || ";" in text ) {
warn_text = _("The pasted text may contain multiple commands");
} else if ("sudo" in text || "doas" in text) {
} else if ("sudo " in text || "doas " in text || "run0 " in text || "pkexec " in text || "su " in text) {
warn_text = _("The pasted text may be trying to gain administrative access");
}
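
Review bot: The admin-access check is still an `else if` of the multi-command check, so now that `&`, `|` and `;` also take the first branch, a paste such as `sudo apt update && sudo apt upgrade` only gets the "multiple commands" warning and the administrative-access warning is never shown. Consider evaluating the two conditions independently and showing the more serious (or a combined) message. Separately, the substring tests in `"sudo " in text || ... || "su " in text` only anchor the end of the word: "su " still matches any word that ends in "su", and "sudo " matches "pseudo ", while a bare `su` or `pkexec` at the very end of the paste is missed; matching the command names on word boundaries at both ends would cover both cases. The single-character tests for `&` and `|` will also fire on ordinary arguments such as a quoted URL with a query string, which deserves a code comment if that over-warning is intended.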
