--- vim70/src/eval.c.cve-2007-2438 2007-05-09 13:53:15.000000000 -0600 +++ vim70/src/eval.c 2007-05-09 13:58:01.000000000 -0600 @@ -9068,6 +9068,13 @@ f_feedkeys(argvars, rettv) char_u *keys_esc; rettv->vval.v_number = 0; + + /* This is not allowed in the sandbox. If the commands would still be + * executed in the sandbox it would be OK, but it probably happens later, + * when "sandbox" is no longer set. */ + if (check_secure()) + return; + keys = get_tv_string(&argvars[0]); if (*keys != NUL) { @@ -15567,6 +15574,9 @@ f_system(argvars, rettv) char_u buf[NUMBUFLEN]; int err = FALSE; FILE *fd; + + if (check_restricted() || check_secure()) + return; if (argvars[1].v_type != VAR_UNKNOWN) { @@ -16392,6 +16402,9 @@ f_writefile(argvars, rettv) char_u *s; int ret = 0; int c; + + if (check_restricted() || check_secure()) + return; if (argvars[0].v_type != VAR_LIST) {