.\" Automatically generated by Pod::Man v1.34, Pod::Parser v1.13
.\" ========================================================================
.de Sh \" Subsection heading
.de Sp \" Vertical space (when we can't use .PP)
.de Vb \" Begin verbatim text
.de Ve \" End verbatim text
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. | will give a
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
.\" expand to `' in nroff, nothing in troff, for use with C<>.
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
. tm Index:\\$1\t\\n%\t"\\$2"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. \" simple accents for nroff and troff
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
.\" ========================================================================
.TH SEND 1 "2000-12-30" "perl v5.8.0" "User Contributed Perl Documentation"
send \- Execute a command in a different application
\&\ \fI$result\fR = \fI$widget\fR\->\fBsend\fR(?\fIoptions\fR,?\fIapp\fR=>\fIcmd\fR?\fIarg arg ...\fR?)
This method arranges for \fIcmd\fR (and \fIarg\fRs) to be 'sent' to the
application named by \fIapp\fR. It returns the result or
an error (hence above should probably be 'wrapped' in \fBeval{}\fR and $@ tested).
\&\fIApp\fR may be the name of any application whose main window is
on the display containing the sender's main window; it need not
be within the same process.
If no \fIarg\fR arguments are present, then the string to be sent
is contained entirely within the \fIcmd\fR argument. If one or
more \fIarg\fRs are present, they are concatenated separated by white space to
form the string to be sent.
If the initial arguments of the call begin with ``\-''
they are treated as options. The following options are
Requests asynchronous invocation. In this case the \fBsend\fR
command will complete immediately without waiting for \fIcmd\fR
to complete in the target application; no result will be available
and errors in the sent command will be ignored.
If the target application is in the same process as the sending
application then the \fB\-async\fR option is ignored.
Serves no purpose except to terminate the list of options. This
option is needed only if \fIapp\fR could contain a leading ``\-''
.IX Header "APPLICATION NAMES"
The name of an application is set initially from the name of the
program or script that created the application.
You can query and change the name of an application with the
.IX Header "WHAT IS A SEND"
The \fBsend\fR mechanism was designed to allow Tcl/Tk applications
to send Tcl Scripts to each other. This does not map very well onto perl/Tk.
Perl/Tk \*(L"sends\*(R" a string to \fIapp\fR, what happens as a result of this
depends on the receiving application. If the other application is a Tcl/Tk4.*
application it will be treated as a Tcl Script. If the \*(L"other\*(R" application is
perl/Tk application (including sends to self) then the string is
passed as an argument to a method call of the following form:
\&\fI$mainwindow\fR\->\fBReceive(\fR\fIstring\fR);
There is a default (AutoLoaded) \fBTk::Receive\fR which returns an error to the
sending application. A particular application may define its own
\&\fBReceive\fR method in any class in \fBMainWindow\fR's inheritance tree
to do whatever it sees fit. For example it could \fBeval\fR the string,
possibly in a \fBSafe\fR \*(L"compartment\*(R".
If a Tcl/Tk application \*(L"sends\*(R" anything to a perl/Tk application
then the perl/Tk application would have to attempt to interpret the
incoming string as a Tcl Script. Simple cases are should not be too hard to
emulate (split on white space and treat first element as \*(L"command\*(R" and other
The \fBsend\fR command is potentially a serious security loophole,
since any application that can connect to your X server can send
scripts to your applications. Hence the default behaviour outlined above.
(With the availability of \fBSafe\fR it may make sense to relax default behaviour
Unmonitored \fBeval\fR'ing of these incoming \*(L"scripts\*(R" can cause perl to
read and write files and invoke subprocesses under your name.
Host-based access control such as that provided by \fBxhost\fR
is particularly insecure, since it allows anyone with an account
on particular hosts to connect to your server, and if disabled it
allows anyone anywhere to connect to your server.
In order to provide at least a small amount of
security, core Tk checks the access control being used by the server
and rejects incoming sends unless (a) \fBxhost\fR\-style access control
is enabled (i.e. only certain hosts can establish connections) and (b) the
list of enabled hosts is empty.
This means that applications cannot connect to your server unless
they use some other form of authorization
such as that provide by \fBxauth\fR.
system's administrator/corporate security guidelines etc.
application, name, remote execution, security, send
projects / OpenSPARC-T2-DV / blob