Re: [PATCH] Add shell-quasiquote.

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Add shell-quasiquote.

From:	Eli Zaretskii
Subject:	Re: [PATCH] Add shell-quasiquote.
Date:	Sun, 18 Oct 2015 18:54:41 +0300

> From: Paul Eggert <address@hidden>
> Date: Sat, 17 Oct 2015 19:40:21 -0700
> Cc: address@hidden
> 
> Taylan Ulrich Bayırlı/Kammer wrote:
> > Please tell me which shells shell-quote-argument is guaranteed to work
> > safely on
> 
> Nobody can tell you that. What we can tell you is that shell-quote-argument 
> works on a superset of uses that shqq--quote-string works on. The trust-based 
> arguments against using shell-quote-argument all apply, with greater force, 
> against using shqq--quote-string. For example, shqq--quote-string is more 
> vulnerable to code-injection attacks than shell-quote-argument is.
> 
> I am not a fan of non-POSIX shells. They are a hassle to deal with and can 
> cause 
> significant problems in Emacs maintenance. In areas where they are a 
> significant 
> problem, we don't need to support them. But this particular instance is not a 
> significant problem. Emacs already has a portable, tested, easy-to-use 
> function 
> to quote shell arguments, and there's good reason to use it here.

I completely agree with everything Paul wrote here.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] Add shell-quasiquote., (continued)
- Re: [PATCH] Add shell-quasiquote., Artur Malabarba, 2015/10/17
  - Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17

Prev by Date: Re: Emacs rewrite in a maintainable language
Next by Date: RE: [PATCH] Add idle-cursor-morph.
Previous by thread: Re: [PATCH] Add shell-quasiquote.
Next by thread: Re: [PATCH] Add shell-quasiquote.
Index(es):
- Date
- Thread