A malicious Palace server can force a client to execute arbitrary programs.