Jerry/eval-gjs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
eval-gjs/README.md

31 lines
1.1 KiB
Markdown
Raw Normal View History

Update README.md, add warning
2023-09-17 23:08:39 +08:00
# POTENTIAL SECURITY BREACH
This extension enables arbitrary code execution via `Eval()` dbus method. This means when you enable this extension, malicious apps, extensions or scripts can call the said dbus method and run malicious GJS codes on your machine.
First commit
2021-09-25 13:11:01 +08:00
# Eval GJS GNOME Shell Extension
As of GNOME 41, the dbus method `Eval()` is now restricted with `MetaContext:unsafe-mode` property (see this [commit](https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1970/diffs?commit_id=f42df5995e08a89495e2f59a9ed89b5c03369bf8)). This extension provides unrestricted `Eval()` dbus method for running arbitrary code in the compositor.
## Features
* Run arbitrary GJS code like you would with GNOME `Eval()` dbus method.
* `Main`, `Gio`, `GLib` and `Meta` available by default.
## Installation
```sh
Fix git URL
2021-09-25 13:13:19 +08:00
git clone git://github.com/ramottamado/eval-gjs.git
First commit
2021-09-25 13:11:01 +08:00
cd eval-gjs
make install
```
## Example Usage
```sh
gdbus call \
--session \
--dest org.gnome.Shell \
--object-path /dev/ramottamado/EvalGjs \
--method dev.ramottamado.EvalGjs.Eval "Main.overview.show();"
Update README.md, add warning
2023-09-17 23:08:39 +08:00
```
Reference in a new issue Copy permalink