[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Add shell-quasiquote.
From: |
Taylan Ulrich Bayırlı/Kammer |
Subject: |
Re: [PATCH] Add shell-quasiquote. |
Date: |
Sun, 18 Oct 2015 12:07:00 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Michael Albinus <address@hidden> writes:
> address@hidden (Taylan Ulrich "Bayırlı/Kammer") writes:
>
>> Dmitry Gutov <address@hidden> writes:
>>
>>> On 10/18/2015 12:25 AM, Taylan Ulrich Bayırlı/Kammer wrote:
>>>
>>>> Not knowing that there are bugs is not proof that there are no bugs.
>>>
>>> If you can't point out a bug, you have no justification to not use the
>>> standard function.
>>
>> No, I will *not* let users of my code potentially suffer from arbitrary
>> code injection attacks, thank you very much.
>
> If this is important for you, I recommend stop using Tramp. It makes
> heavy use of (a slightly modified version of) `shell-quote-argument'.
TRAMP doesn't read shell commands from arbitrary input sources...
I hope! :-)
Can a remote host arrange for TRAMP to use shell-quote-argument on
arbitrary strings and pass these to a shell that could potentially be
csh, or any shell we don't know shell-quote-argument to be safe for? If
so, that might be a *very* serious issue and you should not be telling
*me* to stop using TRAMP but rather to the whole Emacs user-base. I
mean it.
Taylan
- Re: [PATCH] Add shell-quasiquote., (continued)
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Dmitry Gutov, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Dmitry Gutov, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/17
- Re: [PATCH] Add shell-quasiquote., Michael Albinus, 2015/10/18
- Re: [PATCH] Add shell-quasiquote.,
Taylan Ulrich Bayırlı/Kammer <=
- Re: [PATCH] Add shell-quasiquote., Michael Albinus, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Random832, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Taylan Ulrich Bayırlı/Kammer, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Michael Albinus, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Random832, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/18
- Re: [PATCH] Add shell-quasiquote., Stephen J. Turnbull, 2015/10/19
- Re: [PATCH] Add shell-quasiquote., Eli Zaretskii, 2015/10/19
- Re: [PATCH] Add shell-quasiquote., Daniel Colascione, 2015/10/19