From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Richard Stallman <rms@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs Lisp's future
Date: Wed, 08 Oct 2014 21:19:40 -0400
Message-ID: <E1Xc2OK-0001mE-Ct@fencepost.gnu.org>
References: <54193A70.9020901@member.fsf.org>
	<87lhp6h4zb.fsf@panthera.terpri.org>
	<87k34qo4c1.fsf@fencepost.gnu.org> <54257C22.2000806@yandex.ru>
	<83iokato6x.fsf@gnu.org> <87wq8pwjen.fsf@uwakimon.sk.tsukuba.ac.jp>
	<837g0ptnlj.fsf@gnu.org> <87r3yxwdr6.fsf@uwakimon.sk.tsukuba.ac.jp>
	<87tx3tmi3t.fsf@fencepost.gnu.org> <834mvttgsf.fsf@gnu.org>
	<jwvoau19n3n.fsf-monnier+emacs@gnu.org>
	<87lhp5m99w.fsf@fencepost.gnu.org>
	<jwviok99jki.fsf-monnier+emacs@gnu.org>
	<87h9ztm5oa.fsf@fencepost.gnu.org>
	<jwvd2ah9hve.fsf-monnier+emacs@gnu.org>
	<87d2ahm3nw.fsf@fencepost.gnu.org>
	<jwv1tqx9ea3.fsf-monnier+emacs@gnu.org>
	<E1XYNnY-0005Zo-Kz@fencepost.gnu.org> <871tqneyvl.fsf@netris.org>
	<E1XatgZ-00062a-AU@fencepost.gnu.org>
	<87zjd9swfj.fsf@uwakimon.sk.tsukuba.ac.jp>
	<E1XbfQa-0000UU-6N@fencepost.gnu.org>
	<87oatnqpml.fsf@uwakimon.sk.tsukuba.ac.jp>
Reply-To: rms@gnu.org
NNTP-Posting-Host: plane.gmane.org
Content-Type: text/plain; charset=ISO-8859-15
X-Trace: ger.gmane.org 1412817605 28061 80.91.229.3 (9 Oct 2014 01:20:05 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Thu, 9 Oct 2014 01:20:05 +0000 (UTC)
Cc: dak@gnu.org, mhw@netris.org, dmantipov@yandex.ru, emacs-devel@gnu.org,
	handa@gnu.org, monnier@iro.umontreal.ca, eliz@gnu.org
To: "Stephen J. Turnbull" <stephen@xemacs.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Oct 09 03:20:00 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xc2Od-0004F6-M4
	for ged-emacs-devel@m.gmane.org; Thu, 09 Oct 2014 03:19:59 +0200
Original-Received: from localhost ([::1]:39346 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xc2Ob-0003kg-74
	for ged-emacs-devel@m.gmane.org; Wed, 08 Oct 2014 21:19:57 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:54248)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@gnu.org>)
	id 1Xc2OP-0003kO-0m
	for emacs-devel@gnu.org; Wed, 08 Oct 2014 21:19:45 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rms@gnu.org>) id 1Xc2OM-0006V8-1q
	for emacs-devel@gnu.org; Wed, 08 Oct 2014 21:19:44 -0400
Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:55522)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rms@gnu.org>)
	id 1Xc2OL-0006V2-VB
	for emacs-devel@gnu.org; Wed, 08 Oct 2014 21:19:41 -0400
Original-Received: from rms by fencepost.gnu.org with local (Exim 4.71)
	(envelope-from <rms@gnu.org>)
	id 1Xc2OK-0001mE-Ct; Wed, 08 Oct 2014 21:19:40 -0400
In-reply-to: <87oatnqpml.fsf@uwakimon.sk.tsukuba.ac.jp> (stephen@xemacs.org)
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
	(bad octet value).
X-Received-From: 2001:4830:134:3::e
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:175154
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/175154>

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

    I just want to make sure that Emacs developers in general are aware
    that if string properties are added to Guile itself, Emacs will be a
    potential vector for attacks.

If you demonstrate that this claim is valid, I will be concerned.

     For example, by providing a "back
    channel" for malicious information

So what?  How would this affect what anyone can do?  There are many
other channels to communicate data from one part of a Scheme program
to another, so how would this additional channel make a practical
difference?  Why object to adding a window in a wall that has so many
doorways already?

If you show me that there is some real and useful form
of security, which adding string property lists would break,
you could convince me that there is a real issue of security here.

    What I advocate is that string properties should be implemented by
    using Guile facilities for defining types, not by changing Guile.

It would be a pain in the neck if Emacs strings were something
different from Guile strings.  If you want to argue that security
justifies this pain, you need to show it is real security and really
does a useful job.

-- 
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org  www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
  Use Ekiga or an ordinary phone call.