emacs-devel

Re: [PATCH] Add shell-quasiquote.


From: Taylan Ulrich Bayırlı/Kammer
Subject: Re: [PATCH] Add shell-quasiquote.
Date: Sat, 17 Oct 2015 20:23:17 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Eli Zaretskii <address@hidden> writes:

>> From: address@hidden (Taylan Ulrich Bayırlı/Kammer)
>> Cc: address@hidden
>> Date: Sat, 17 Oct 2015 19:14:16 +0200
>> 
>> Eli Zaretskii <address@hidden> writes:
>> 
>> >> +;;; Like `shell-quote-argument', but much simpler in implementation.
>> >> +(defun shqq--quote-string (string)
>> >> +  (concat "'" (replace-regexp-in-string "'" "'\\\\''" string) "'"))
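Review bot: `shqq--quote-string` has no docstring, and the `;;;` comment above it does not state that the output (`'...'` with each `'` rewritten to `'\''`) is POSIX sh quoting only, so a caller cannot tell from the definition which shells the result is valid for. Suggest turning the comment into a docstring that names that restriction, and passing non-nil FIXEDCASE and LITERAL to `replace-regexp-in-string` so the replacement can be written as `"'\\''"` instead of with four backslashes.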
>> >
>> > It might be simpler, but it's wrong, because the result is only
>> > correct for Posix shells.
>> >
>> > Please do use shell-quote-argument instead.
>> 
>> Hmm, I don't really want to take responsibility of my library being used
>> with shells other than POSIX shells.  (The library could make that
>> clearer and error on other systems.)
>
> I don't think we'd like to have packages limited in that way.  AFAIK,
> we didn't until now, at least not consciously.

Quoting RMS, coincidentally from a couple days ago:

    The policy is non-GNU systems are secondary, and lower priority than
    the GNU system, but we are glad to include support for them in GNU
    packages if users contribute the necessary code -- provided that
    code isn't a maintenance problem for us.

    The maintainers of any particular package are the ones who judge
    whether that code is a maintenance problem, since they are the ones
    it would be a problem for.

(That mentality made sense to me even before I learned it's GNU policy.)

I generally don't want to take responsibility of my code being used on
non-GNU/non-POSIX systems, but if I can share the responsibility then
that's fine.

> And it really isn't a big deal.  Emacs already has all the
> infrastructure for portable handling of shell commands.
>
>> How much can I rely on shell-quote-argument?
>
> You can rely on it.  Emacs uses it in umpteen important places.
>
>> Can one fully rely on it being safe against code injection?
>
> I don't think I understand what code injection you had in mind.
> Please elaborate.

(let ((file-list (read where-ever)))
  (shqq (cp -- ,@file-list some-place)))

That code is *guaranteed* to either copy the files in file-list to
some-place, or error, so long as the argument quoting by shqq works
well.  If it has a bug, then malicious input from where-ever may be able
to execute arbitrary shell commands.

Is shell-quote-argument safe against such a thing?  My shqq-quote-string
isn't exactly formally proven to be safe either, but its implementation
is so simple it's fairly obvious that it doesn't contain bugs.

Taylan
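
The guarantee discussed in the message above (a quoted argument reaches the command as exactly one word, or the call fails) can be checked empirically. The following is an added example, not code from the message or from shell-quasiquote: it reimplements the same POSIX single-quote scheme in sh and round-trips constructed hostile strings through a fresh `sh -c`; the names `sq_quote`, `naive_quote` and `survives` are chosen here.

```shell
#!/bin/sh
# Added example (not from the thread): POSIX single-quote quoting checked
# by round-tripping constructed hostile strings through a fresh shell.

# Wrap $1 in single quotes, rewriting each embedded ' as '\''
# (close the quote, emit an escaped quote, reopen the quote).
sq_quote() (
    s=$1 out= q="'"
    while :; do
        case $s in
            *"$q"*) head=${s%%"$q"*}      # text before the first '
                    s=${s#*"$q"}          # text after it
                    out="$out$head$q\\$q$q" ;;
            *)      out="$out$s"; break ;;
        esac
    done
    printf "'%s'" "$out"
)

# Deliberately broken contrast: wraps in quotes, escapes nothing.
naive_quote() { printf "'%s'" "$1"; }

# survives QUOTER STRING: build a command line from the quoted word, run it
# in a new sh, and succeed only if that shell saw STRING as exactly one
# argument. The trailing | exposes extra words and keeps final newlines.
survives() {
    got=$(sh -c "printf '%s|' $("$1" "$2")" 2>/dev/null)
    [ "$got" = "$2|" ]
}

nl='
'
# Constructed samples; INJECTED is a harmless marker.
for sample in "plain.txt" "it's" "x'; echo INJECTED; echo 'y" \
              '$(echo INJECTED)' "two${nl}lines${nl}"; do
    for quoter in naive_quote sq_quote; do
        if survives "$quoter" "$sample"; then r=intact; else r=ALTERED; fi
        printf '%-12s %s\n' "$quoter" "$r"
    done
done
```

A round-trip check like this only exercises the shell it is run against; it says nothing about non-POSIX shells, which is the portability point raised earlier in the thread.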


