From d07c6b707da7c22d6b744b8cf50e306766e11ba9 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 15 Oct 2008 00:34:25 +0200 Subject: [PATCH] po plugin: todo++ : security note about system() Signed-off-by: intrigeri --- doc/plugins/po.mdwn | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/plugins/po.mdwn b/doc/plugins/po.mdwn index 9ae6d964a..044a165b3 100644 --- a/doc/plugins/po.mdwn +++ b/doc/plugins/po.mdwn @@ -186,6 +186,10 @@ Committing changes to a "master" page: - all the needed POT and PO files have to be created - the PO files must be checked into version control +**FIXME** `refreshpofiles` uses `system()`, whose args have to be +checked more thoroughly to prevent any security issue (command +injection, etc.). + UI consistency: rename "Edit" button on slave pages --------------------------------------------------- -- 2.45.0
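Review bot: The added **FIXME** in doc/plugins/po.mdwn says the `system()` args in `refreshpofiles` "have to be checked more thoroughly" but does not say which arguments those are or where their values come from, so whoever picks up the todo has to re-audit the call from scratch. Consider naming the arguments that can carry page-derived or user-derived values, and recording the intended fix alongside the check: calling Perl's `system()` in its list form (program and each argument as separate list elements) avoids shell parsing of the arguments entirely, which is a stronger guarantee than validating strings that are then passed through a shell.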