added note about security hole in execute function

[grml-shlib.git] / sh-lib

diff --git a/sh-lib b/sh-lib
index e68951c..be6f60e 100644 (file)
--- a/sh-lib
+++ b/sh-lib
@@ -177,6 +177,10 @@ function warnLog
 #
 ###
 
+##
+# ATTENTION... THIS FUNCTINOS IS A BIG SECURITY HOLE
+# this function will be changed in future release
+##
 # i don't want to write exit status controle stuff every time
 function execute
 {
@@ -186,6 +190,7 @@ function execute
 
   local ret_=''
 
+  # NOT A GOOD IDEA
   eval "$to_exec_"
   ret_=$?