[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#19350: #19350 24.4; Incorrect quoting of %-signs for Windows command

From: Eli Zaretskii
Subject: bug#19350: #19350 24.4; Incorrect quoting of %-signs for Windows command shell
Date: Mon, 15 Aug 2016 18:01:15 +0300

> From: address@hidden
> Date: Sun, 14 Aug 2016 23:13:43 -0400
> Cc: address@hidden
> Hmm, maybe we could fix this by making Emacs refuse to apply environment
> variables with names ending in carets?

I'm very much against disallowing perfectly valid (if rare) use cases
just because someone malicious can take advantage of that.

>From my POV, as long as Emacs itself doesn't produce such shell
commands and/or environment variables for any of its features,
avoiding this becomes user's responsibility, just like when working at
the shell prompt.  Of course, if we can find a reliable solution to
the problem that doesn't take away features, that'd be better, but
failing that, I'm okay with leaving this alone, perhaps documenting
somewhere that using % in shell commands when there are environment
variables ending in ^ could produce surprising results.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]