From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Eli Zaretskii <eliz@gnu.org>
Newsgroups: gmane.emacs.bugs
Subject: bug#21702: shell-quote-argument semantics and safety
Date: Mon, 19 Oct 2015 12:32:22 +0300
Message-ID: <83io63gq55.fsf@gnu.org>
References: <871tcstkuk.fsf@T420.taylan> <83pp0chzax.fsf@gnu.org>
	<874mhoq9ct.fsf@T420.taylan> <83h9lohsao.fsf@gnu.org>
	<87h9lnpb0o.fsf@T420.taylan> <83twpnguzz.fsf@gnu.org>
	<87vba3nrg7.fsf@T420.taylan>
Reply-To: Eli Zaretskii <eliz@gnu.org>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8BIT
X-Trace: ger.gmane.org 1445247206 12807 80.91.229.3 (19 Oct 2015 09:33:26 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Mon, 19 Oct 2015 09:33:26 +0000 (UTC)
Cc: 21702@debbugs.gnu.org
To: taylanbayirli@gmail.com (Taylan Ulrich
	=?UTF-8?Q?Bay=C4=B1rl=C4=B1/Kammer?=)
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Mon Oct 19 11:33:16 2015
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1Zo6od-0002wv-PJ
	for geb-bug-gnu-emacs@m.gmane.org; Mon, 19 Oct 2015 11:33:15 +0200
Original-Received: from localhost ([::1]:37878 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1Zo6od-0000BF-0x
	for geb-bug-gnu-emacs@m.gmane.org; Mon, 19 Oct 2015 05:33:15 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:42707)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1Zo6oV-0000Al-Pk
	for bug-gnu-emacs@gnu.org; Mon, 19 Oct 2015 05:33:11 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1Zo6oQ-0005Yn-OP
	for bug-gnu-emacs@gnu.org; Mon, 19 Oct 2015 05:33:07 -0400
Original-Received: from debbugs.gnu.org ([208.118.235.43]:36808)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1Zo6oQ-0005Yj-MS
	for bug-gnu-emacs@gnu.org; Mon, 19 Oct 2015 05:33:02 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1Zo6oQ-0000Kg-G9
	for bug-gnu-emacs@gnu.org; Mon, 19 Oct 2015 05:33:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Eli Zaretskii <eliz@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Mon, 19 Oct 2015 09:33:02 +0000
Resent-Message-ID: <handler.21702.B21702.14452471461237@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 21702
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
Original-Received: via spool by 21702-submit@debbugs.gnu.org id=B21702.14452471461237
	(code B ref 21702); Mon, 19 Oct 2015 09:33:02 +0000
Original-Received: (at 21702) by debbugs.gnu.org; 19 Oct 2015 09:32:26 +0000
Original-Received: from localhost ([127.0.0.1]:55749 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1Zo6nq-0000Js-9n
	for submit@debbugs.gnu.org; Mon, 19 Oct 2015 05:32:26 -0400
Original-Received: from mtaout26.012.net.il ([80.179.55.182]:44651)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <eliz@gnu.org>) id 1Zo6nn-0000Jj-Vn
	for 21702@debbugs.gnu.org; Mon, 19 Oct 2015 05:32:25 -0400
Original-Received: from conversion-daemon.mtaout26.012.net.il by mtaout26.012.net.il
	(HyperSendmail v2007.08) id <0NWG00700NWT6F00@mtaout26.012.net.il> for
	21702@debbugs.gnu.org; Mon, 19 Oct 2015 12:35:34 +0300 (IDT)
Original-Received: from HOME-C4E4A596F7 ([84.94.185.246]) by mtaout26.012.net.il
	(HyperSendmail v2007.08) with ESMTPA id
	<0NWG00MR6NZ9NM90@mtaout26.012.net.il>;
	Mon, 19 Oct 2015 12:35:34 +0300 (IDT)
In-reply-to: <87vba3nrg7.fsf@T420.taylan>
X-012-Sender: halo1@inter.net.il
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x
X-Received-From: 208.118.235.43
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.bugs:107750
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/107750>

> From: taylanbayirli@gmail.com (Taylan Ulrich Bayırlı/Kammer)
> Cc: 21702@debbugs.gnu.org
> Date: Mon, 19 Oct 2015 11:22:16 +0200
> 
> > Like I said, this convention should be adopted project-wide.  Doing so
> > only in a few doc strings, let alone one, will only confuse, because
> > the user will not know whether the lack of such documentation means
> > the API is safe or unsafe.
> 
> Yes, it should be done for every function for which the concerns I've
> explained apply.  So let's start from this one.

Before we start, we need a _decision_ to do that everywhere.  Then we
could start doing that piecemeal.  Before the decision is made,
there's no reason to make any such changes.

> >> I would propose something along the lines of:
> >> 
> >>     It is guaranteed that ARGUMENT will be parsed as a single token by
> >>     shells X, Y, and Z, as long as it is separated from other text via a
> >>     delimiter in the syntax of the respective shell.
> >
> > I don't think we want to mention specific shells explicitly, because
> > maintaining such a list would be a burden.  The standard shell of each
> > OS is well defined and known to the users of the respective systems.
> > Moreover, Emacs by default uses that shell automatically.
> 
> For instance: POSIX sh, MS-DOS, and Windows NT, is not a long list.

This list doesn't name shells on DOS and Windows (there are several
good candidates).  As for Posix, is it only sh?  What about Bash? what
about zsh?

You see, the moment you come up with a list such as above, people will
start complaining that their favorite shell is not in the list, and
the list will grow.  Then we will discover that some shells are not
really compatible after all, etc. etc.  It's a maintenance burden we
had better avoided.

Saying "the standard shell" avoids all that nicely, because it refers
to a single well-known shell.

> I don't understand what "a shell command doesn't need to be quoted to be
> harmful" is supposed to mean

Something like this:

  rm -rf /*

> Here's a patch doing an improvement to the documentation like the one I
> proposed.  Of course, if you have verified that shells other than POSIX
> sh are fully safe, feel free to improve the docstring accordingly.

Thanks.  However, like I said, I don't think this change would be
correct, or needed.