-
The Eval() method is unarguably the most sensitive D-Bus method we expose, since it allows running arbitrary code in the compositor. It is currently tied to the `development-tools` settings that is enabled by default. As users have become accustomed to the built-in commands that are enabled by the same setting (restart, lg, ...), that default cannot easily be changed. In order to restrict the method without affecting the rather harmless commands, guard it by the new MetaContext:unsafe-mode property instead of the setting. GNOME/gnome-shell#3943 Part-of: <GNOME/gnome-shell!1970>
7298ee23
