[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emacs Lisp's future

From: Richard Stallman
Subject: Re: Emacs Lisp's future
Date: Tue, 07 Oct 2014 20:48:28 -0400

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

     > Given a self-contained Scheme program, it should be easy to determine
     > whether it ever examines or sets string text properties.  Is that enough
     > to provide the same "security" benefits in practice?

    No.  Often systems are constructed by assembling separately developed
    modules.  If a "security" module responsible for checking data
    validity is property-oblivious, then maliciously crafted properties
    may be able to cause "evil" behavior in a property-sensitive module
    supposedly protected by the "security" module.

I don't understand what sort of danger you're worried about.
Can you present a concrete scenario?

    You can impugn the skills of the programmers responsible,

That comes from you, not from me.

                                                              or say it's
    all very hypothetical

It is all very abstract as well as hypothetical.

If you want to convince me that this is a problem, you need to present
sufficient arguments to outweigh the very clear problem that would be
caused by NOT adding property lists to strings.  You need to convice me
that it makes sense to try to prevent communication between two
Scheme programs in the same process.

Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
www.fsf.org  www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
  Use Ekiga or an ordinary phone call.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]