[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Add shell-quasiquote.
|
From: |
Daniel Colascione |
|
Subject: |
Re: [PATCH] Add shell-quasiquote. |
|
Date: |
Sun, 18 Oct 2015 22:19:51 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 |
On 10/18/2015 10:15 PM, Eli Zaretskii wrote:
>> Date: Mon, 19 Oct 2015 13:32:51 +0900
>> From: "Stephen J. Turnbull" <address@hidden>
>> Cc: Random832 <address@hidden>,
>> address@hidden
>>
>> Eli Zaretskii writes:
>> > Random832 writes:
>>
>> > > Yes, sorry. A typical Windows program (at least, one compiled with
>> > > MSVC's setargv.obj) will try to interpret wildcards in any part of
>> > > CommandLineToArgv's result which contains a ? or * character, with
>> > > no provision to prevent it from doing so. (In particular, double
>> > > quotes have no effect).
>> >
>> > This actually depends on the startup code. The latest release of
>> > mingw.org's MinGW runtime does allow you to quote wildcard characters.
>> > And on Windows XP and older even the other runtimes allow that.
>> >
>> > In any case, this is not an Emacs problem.
>>
>> Of course it is, in a security context. I don't think it matters
>> anywhere near as much as code injection, but if Emacs is built with
>> one of those runtimes that doesn't allow wildcards to be disabled, its
>> users will be affected.
>>
>> I think it probably can be immediately judged irrelevant (and perhaps
>> that's what you meant) if Emacs is normally built with a runtime that
>> doesn't interpret quoted wildcards, and the runtimes that always
>> interpret wildcards are not supported.
>
> That's a misunderstanding: the runtime in question is the one used
> with the program that Emacs invokes, not the one used to run Emacs
> itself. On MS-Windows, the expansion of wildcards on the command line
> is done by the application which accepts the command line (in its
> startup code, before the main function is invoked), so that's what
> determines whether a quoted "*" will or will not be expanded. The
> invoking Emacs cannot control or affect that in any way.
But maybe we can make the argument-quoting style a particular program
expects a user-customizable variable.
signature.asc
Description: OpenPGP digital signature
- Re: [PATCH] Add shell-quasiquote., (continued)
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Michael Albinus, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Random832, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Michael Albinus, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Random832, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Stephen J. Turnbull, 2015/10/19
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/19
- Re: [PATCH] Add shell-quasiquote.,
Daniel Colascione <=
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/19
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/19
- Re: [PATCH] Add shell-quasiquote., Kai Großjohann, 2015/10/31
- Re: [PATCH] Add shell-quasiquote., Kai Großjohann, 2015/10/31
- Re: [PATCH] Add shell-quasiquote., Michael Albinus, 2015/10/31
- Re: [PATCH] Add shell-quasiquote., Random832, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Paul Eggert, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Random832, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Paul Eggert, 2015/10/17