From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: "Stephen J. Turnbull" <stephen@xemacs.org>
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs Lisp's future
Date: Wed, 08 Oct 2014 11:09:06 +0900
Message-ID: <87oatnqpml.fsf@uwakimon.sk.tsukuba.ac.jp>
References: <54193A70.9020901@member.fsf.org>
	<87lhp6h4zb.fsf@panthera.terpri.org>
	<87k34qo4c1.fsf@fencepost.gnu.org> <54257C22.2000806@yandex.ru>
	<83iokato6x.fsf@gnu.org> <87wq8pwjen.fsf@uwakimon.sk.tsukuba.ac.jp>
	<837g0ptnlj.fsf@gnu.org> <87r3yxwdr6.fsf@uwakimon.sk.tsukuba.ac.jp>
	<87tx3tmi3t.fsf@fencepost.gnu.org> <834mvttgsf.fsf@gnu.org>
	<jwvoau19n3n.fsf-monnier+emacs@gnu.org>
	<87lhp5m99w.fsf@fencepost.gnu.org>
	<jwviok99jki.fsf-monnier+emacs@gnu.org>
	<87h9ztm5oa.fsf@fencepost.gnu.org>
	<jwvd2ah9hve.fsf-monnier+emacs@gnu.org>
	<87d2ahm3nw.fsf@fencepost.gnu.org>
	<jwv1tqx9ea3.fsf-monnier+emacs@gnu.org>
	<E1XYNnY-0005Zo-Kz@fencepost.gnu.org> <871tqneyvl.fsf@netris.org>
	<E1XatgZ-00062a-AU@fencepost.gnu.org>
	<87zjd9swfj.fsf@uwakimon.sk.tsukuba.ac.jp>
	<E1XbfQa-0000UU-6N@fencepost.gnu.org>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
X-Trace: ger.gmane.org 1412734218 16821 80.91.229.3 (8 Oct 2014 02:10:18 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Wed, 8 Oct 2014 02:10:18 +0000 (UTC)
Cc: dak@gnu.org, mhw@netris.org, dmantipov@yandex.ru, emacs-devel@gnu.org,
	handa@gnu.org, monnier@iro.umontreal.ca, eliz@gnu.org
To: rms@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Oct 08 04:10:10 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XbghW-0005gs-KJ
	for ged-emacs-devel@m.gmane.org; Wed, 08 Oct 2014 04:10:06 +0200
Original-Received: from localhost ([::1]:33363 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1XbghV-0005oH-JN
	for ged-emacs-devel@m.gmane.org; Tue, 07 Oct 2014 22:10:01 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:46676)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stephen@xemacs.org>) id 1Xbgh4-0005mQ-3L
	for emacs-devel@gnu.org; Tue, 07 Oct 2014 22:09:49 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stephen@xemacs.org>) id 1Xbggw-0008MU-Ka
	for emacs-devel@gnu.org; Tue, 07 Oct 2014 22:09:34 -0400
Original-Received: from shako.sk.tsukuba.ac.jp ([130.158.97.161]:53156)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stephen@xemacs.org>)
	id 1Xbggf-0008EE-LB; Tue, 07 Oct 2014 22:09:09 -0400
Original-Received: from uwakimon.sk.tsukuba.ac.jp (uwakimon.sk.tsukuba.ac.jp
	[130.158.99.156])
	by shako.sk.tsukuba.ac.jp (Postfix) with ESMTP id 03F921C39CB;
	Wed,  8 Oct 2014 11:09:07 +0900 (JST)
Original-Received: by uwakimon.sk.tsukuba.ac.jp (Postfix, from userid 1000)
	id E9BDF1A2888; Wed,  8 Oct 2014 11:09:06 +0900 (JST)
In-Reply-To: <E1XbfQa-0000UU-6N@fencepost.gnu.org>
X-Mailer: VM undefined under 21.5  (beta34) "kale" acf1c26e3019 XEmacs Lucid
	(x86_64-unknown-linux)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x
X-Received-From: 130.158.97.161
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:175105
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/175105>

Richard Stallman writes:

 > If you want to convince me that [a property list vector for
 > implicitly transmitting information across module boundaries] is a
 > problem,

I'm not trying to convince you; your evidentiary requirements are way
too high for me to satisfy in time available.

I just want to make sure that Emacs developers in general are aware
that if string properties are added to Guile itself, Emacs will be a
potential vector for attacks.  For example, by providing a "back
channel" for malicious information if Emacs is used to develop a
management interface for a web service written in Guile which directly
accesses Guile modules used in the web service.

 > you need to present sufficient arguments to outweigh the very clear
 > problem that would be caused by NOT adding property lists to
 > strings.

You misunderstand me.  Emacs obviously needs property lists on
strings.  Nobody in their right mind would suggest otherwise.

What I advocate is that string properties should be implemented by
using Guile facilities for defining types, not by changing Guile.
External modules that want to use Emacs property lists for whatever
reason can explicitly import that interface from Emacs.  However,
those properties should not be passed to non-Emacs modules implicitly.