Re: [PATCH] Add shell-quasiquote.

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Add shell-quasiquote.

From:	Dmitry Gutov
Subject:	Re: [PATCH] Add shell-quasiquote.
Date:	Tue, 20 Oct 2015 19:59:46 +0300
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Thunderbird/42.0

On 10/20/2015 07:41 PM, Taylan Ulrich Bayırlı/Kammer wrote:

I'm afraid it's effectively the same thing as using shell-quote-argument
directly in my code.  It puts the responsibility on me, because if
shell-quote-argument breaks and I don't react fast enough to change
shqq--quote-string, it's my fault for having used a definition of
shqq--quote-string that was prone to breakage.

So it would be okay if shell-quote-argument breaks and thus makes majorfunctionality in Emacs vulnerable, but your tiny function in its smallpackage is safe and sound? That's a nice set of priorities.

Regarding responsibility, I repeat: contributing package to ELPA meansthat that the developers here share some of it.

And your function, speaking in security terms, adds to the attacksurface, not subtracts from it.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] Add shell-quasiquote., (continued)

Prev by Date: Re: [PATCH] Add shell-quasiquote.
Next by Date: Re: [Emacs-diffs] master cfc34c1: Update the way directories are compressed
Previous by thread: Re: [PATCH] Add shell-quasiquote.
Next by thread: Re: [PATCH] Add shell-quasiquote.
Index(es):
- Date
- Thread