@troubadour I experimented in my above commits with pickle vs text files. Feel free to wipe any non-ideal changes by me when your json based version comes. Please forward port any useful enhancements by me (like improving show_message arg parser) in sdwdate-gui to your json based version.
(If you are going for json. Whatever works best.)
sdwdate-gui should now be more secure without pickle. While doing so I introduced two new bugs in the output.
bTor Bootstrap Result: Tor's Control Port could not be reached. Did you start Gateway beforehand?\n
bat the beginning
- and the
\nat the end
Do I have a type error somewhere? Can we prevent this through a type conversion?
Would be cool if you could help with this so it gets fixed for Whonix 14. Otherwise no rush, it would be a minor regression, not a blocker.
Now after the above two git commits… The following code should be safe from code execution even if the file content was malicious?
with open(self.msg_path, 'rb') as f: msg = f.read() ... self.setIcon(QtGui.QIcon(status)) self.message = msg self.setToolTip('%s\n%s' %(self.title, self.message))