Tcl8.6.10/Tk8.6.10 Documentation > Tk Commands > loadTk
Tcl/Tk Applications | Tcl Commands | Tk Commands | [incr Tcl] Package Commands | SQLite3 Package Commands | TDBC Package Commands | tdbc::mysql Package Commands | tdbc::odbc Package Commands | tdbc::postgres Package Commands | tdbc::sqlite3 Package Commands | Thread Package Commands | Tcl C API | Tk C API | [incr Tcl] Package C API | TDBC Package C API
NAME
safe::loadTk — Load Tk into a safe interpreter.SYNOPSIS
safe::loadTk slave ?-use windowId? ?-display displayName?DESCRIPTION
Safe Tk is based on Safe Tcl, which provides a mechanism that allows restricted and mediated access to auto-loading and packages for safe interpreters. Safe Tk adds the ability to configure the interpreter for safe Tk operations and load Tk into safe interpreters.The safe::loadTk command initializes the required data structures in the named safe interpreter and then loads Tk into it. The interpreter must have been created with safe::interpCreate or have been initialized with safe::interpInit. The command returns the name of the safe interpreter. If -use is specified, the window identified by the specified system dependent identifier windowId is used to contain the “.” window of the safe interpreter; it can be any valid id, eventually referencing a window belonging to another application. As a convenience, if the window you plan to use is a Tk Window of the application you can use the window name (e.g., “.x.y”) instead of its window Id (e.g., from winfo id .x.y). When -use is not specified, a new toplevel window is created for the “.” window of the safe interpreter. On X11 if you want the embedded window to use another display than the default one, specify it with -display. See the SECURITY ISSUES section below for implementation details.
SECURITY ISSUES
Please read the safe manual page for Tcl to learn about the basic security considerations for Safe Tcl.safe::loadTk adds the value of tk_library taken from the master interpreter to the virtual access path of the safe interpreter so that auto-loading will work in the safe interpreter.
Tk initialization is now safe with respect to not trusting the slave's state for startup. safe::loadTk registers the slave's name so when the Tk initialization (Tk_SafeInit) is called and in turn calls the master's safe::InitTk it will return the desired argv equivalent (-use windowId, correct -display, etc.)
When -use is not used, the new toplevel created is specially decorated so the user is always aware that the user interface presented comes from a potentially unsafe code and can easily delete the corresponding interpreter.
On X11, conflicting -use and -display are likely to generate a fatal X error.