Re: [PATCH] Add shell-quasiquote.


From: Eli Zaretskii
Subject: Re: [PATCH] Add shell-quasiquote.
Date: Sat, 17 Oct 2015 22:09:28 +0300

> From: address@hidden (Taylan Ulrich Bayırlı/Kammer)
> Cc: address@hidden
> Date: Sat, 17 Oct 2015 20:23:17 +0200
> 
> > I don't think we'd like to have packages limited in that way.  AFAIK,
> > we didn't until now, at least not consciously.
> 
> Quoting RMS, coincidentally from a couple days ago:
> 
>     The policy is non-GNU systems are secondary, and lower priority than
>     the GNU system, but we are glad to include support for them in GNU
>     packages if users contribute the necessary code -- provided that
>     code isn't a maintenance problem for us.
> 
>     The maintainers of any particular package are the ones who judge
>     whether that code is a maintenance problem, since they are the ones
>     it would be a problem for.

I don't see how this is relevant for the issue at hand, since the
necessary code (the shell-quote-argument function) was already
contributed to Emacs years ago, and is used in many places in core
Emacs.  There's no extra effort needed to support more platforms, just
replace one function with another.

> I generally don't want to take responsibility for my code being used on
> non-GNU/non-POSIX systems, but if I can share the responsibility then
> that's fine.

You are sharing the responsibility with a long line of Emacs
developers, all of whom use this function.  I don't see anything you
should worry about, really.

> > And it really isn't a big deal.  Emacs already has all the
> > infrastructure for portable handling of shell commands.
> >
> >> How much can I rely on shell-quote-argument?
> >
> > You can rely on it.  Emacs uses it in umpteen important places.
> >
> >> Can one fully rely on it being safe against code injection?
> >
> > I don't think I understand what code injection you had in mind.
> > Please elaborate.
> 
> (let ((file-list (read where-ever)))
>   (shqq (cp -- ,@file-list some-place)))
> 
> That code is *guaranteed* to either copy the files in file-list to
> some-place, or error, so long as the argument quoting by shqq works
> well.  If it has a bug, then malicious input from where-ever may be able
> to execute arbitrary shell commands.
> 
> Is shell-quote-argument safe against such a thing?  My shqq-quote-string
> isn't exactly formally proven to be safe either, but its implementation
> is so simple it's fairly obvious that it doesn't contain bugs.

Please take a look at the implementation of shell-quote-argument.  It
uses the same interfaces as your implementation, no more, no less.  If
your implementation is safe, then so is shell-quote-argument.
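
The injection question raised in the message above can be checked empirically with a round trip through the shell. This is an added example, not part of the original message and not code from Emacs or shqq. It assumes a POSIX `sh` and `printf` on PATH; every `demo-` name is hypothetical and the sample arguments are constructed.

```elisp
;;; -*- lexical-binding: t -*-
;; Added example, not code from the thread.  Assumes a POSIX `sh' and
;; `printf' on PATH.  All names prefixed `demo-' are hypothetical.
(require 'cl-lib)

(defvar demo-hostile-names
  '("plain.txt" "two words.txt" "semi;echo INJECTED" "$(echo INJECTED)"
    "`echo INJECTED`" "quote'and\"dquote" "amp&pipe|redir>out"
    "star*?[a]" "back\\slash" "line\nbreak" "-rf")
  "Constructed sample arguments containing shell metacharacters.")

(defun demo-shell-round-trip (args &optional quote-fn)
  "Quote each of ARGS with QUOTE-FN, run them through sh, return what sh saw.
QUOTE-FN defaults to `shell-quote-argument'.  The shell only echoes its
argument vector back, NUL-separated, so nothing is copied or deleted."
  (let ((command (concat "printf '%s\\0' "
                         (mapconcat (or quote-fn #'shell-quote-argument)
                                    args " ")))
        (coding-system-for-read 'utf-8-unix))
    (with-temp-buffer
      (call-process "sh" nil t nil "-c" command)
      ;; Empty arguments are not in the sample, so dropping empty
      ;; fields only removes the one after the final NUL.
      (split-string (buffer-string) "\0" t))))

(defun demo-quoting-failures (args &optional quote-fn)
  "Return the elements of ARGS that do not survive the shell unchanged.
An empty list means every argument arrived as one literal word."
  (let ((seen (demo-shell-round-trip args quote-fn)))
    (if (/= (length seen) (length args))
        ;; Word count changed: some argument was split or executed.
        (list :word-count (length args) (length seen))
      (delq nil (cl-mapcar (lambda (in out) (unless (equal in out) in))
                           args seen)))))

;; Check the default quoting function against the constructed sample.
(demo-quoting-failures demo-hostile-names)
```

Any one-argument quoting function can be passed as QUOTE-FN to compare it against `shell-quote-argument` on the same input. Quoting does not neutralise a leading `-`, which is why the `cp` call in the thread places `--` before the file list.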