原文:
18.2. Is there a send and do I need xauth?
There is a Tk::send, but to use it own must write one's own version of Tk::receive. An example of this may be found in the rmt program distributed with perl/Tk. Note that as of Tk-b12 (including the released version Tk400.200) the script that receives from a Tk::send must run with taint chcecking turned on (i.e. with the -T switch thrown) and it must untaint all commands received from the other process.
The Tk::send <-> Tk::receive process will work under xhost + authority. The security this affords comes from the fact that anyone who would want to exploit it would have to know how to write a Tk::receive custom tailored to your application (in addition to all the other protocol hacking).
Please note that while you may not need xauth authorization it is nevertheless always a good idea.
译文:
18.2. 是否有send函数?是否需要使用xauth?
是的,Perl/Tk本身有一个Tk::send函数,但是要使用它,用户必须自己写一个Tk::receive函数。随Perl/Tk包一起发布的rmt 程序中有一个例子(译者注:现在的版本中好像没有了……)。注意,脚本中接收来自Tk:send的信息的脚本必须打开污染检查的开关(也就是使用-T开关),而且不能污染所有来自其它进程的命令。
Tk::send和Tk::receive进程间通讯需要打开xhost权限。要进行开发的人必须知道如何写一个适合自己的应用程序的Tk::receive函数,并且要保证安全性。
注意,也许你可以不用xauth的权限,但是打开它是一个好主意。(译者注:这里都是针对Unix/Linux系统而言的。)
