From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Stefan Monnier <monnier@iro.umontreal.ca>
Newsgroups: gmane.emacs.devel
Subject: Re: Unicode confusables and reordering characters considered harmful
Date: Tue, 02 Nov 2021 15:12:56 -0400
Message-ID: <jwva6imqsqs.fsf-monnier+emacs@gnu.org>
References: <YYE1sEv6yS1bBUcu@odonien.localdomain> <875ytag0hb.fsf@yahoo.com>
 <87zgqmd5np.fsf@mat.ucm.es> <83wnlqk3rn.fsf@gnu.org>
 <72dd5c2a-42c7-b12e-05ed-e93adbd89727@gmail.com>
 <83ilxajyhw.fsf@gnu.org>
 <CADwFkm=PHvBiU1Xp6_ibqR1nmxj3YgytV3Jz6=hdOKfFCmTCwg@mail.gmail.com>
 <83fssejxf8.fsf@gnu.org>
 <CADwFkmmtTb9ztSFsEZdS8PJH0AjODVvzg37Dpp-Qk=D+CGjC0Q@mail.gmail.com>
 <835ytajsv2.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="5057"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)
Cc: Stefan Kangas <stefan@marxist.se>,  cpitclaudel@gmail.com,
 emacs-devel@gnu.org
To: Eli Zaretskii <eliz@gnu.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Tue Nov 02 20:14:30 2021
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1mhzEs-00016Z-9r
	for ged-emacs-devel@m.gmane-mx.org; Tue, 02 Nov 2021 20:14:30 +0100
Original-Received: from localhost ([::1]:38840 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1mhzEq-0008Bb-Oj
	for ged-emacs-devel@m.gmane-mx.org; Tue, 02 Nov 2021 15:14:28 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:53180)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <monnier@iro.umontreal.ca>)
 id 1mhzDi-0007CP-Db
 for emacs-devel@gnu.org; Tue, 02 Nov 2021 15:13:18 -0400
Original-Received: from mailscanner.iro.umontreal.ca ([132.204.25.50]:2393)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <monnier@iro.umontreal.ca>)
 id 1mhzDa-0006Ux-Kj; Tue, 02 Nov 2021 15:13:13 -0400
Original-Received: from pmg3.iro.umontreal.ca (localhost [127.0.0.1])
 by pmg3.iro.umontreal.ca (Proxmox) with ESMTP id 28B5E4407BD;
 Tue,  2 Nov 2021 15:13:06 -0400 (EDT)
Original-Received: from mail01.iro.umontreal.ca (unknown [172.31.2.1])
 by pmg3.iro.umontreal.ca (Proxmox) with ESMTP id 8431C440C7A;
 Tue,  2 Nov 2021 15:13:04 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=iro.umontreal.ca;
 s=mail; t=1635880384;
 bh=4XoBc0LF8SyjitzWCU+2SAV/vQXM88QrwI5mEhwpxgc=;
 h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
 b=o/Bz1MGczALK3co9jUKAyEBLx+9PkNoRBnGjgcNVPfU3WklCIenct1MtwZG6yX10t
 hlfbo+h4Yv3aeNJwlo5EOmNlEsl3pLIRN5yimYaGOIVO/vNS0nLmP2Vkxaw8I+7bQQ
 rwGiwf26K1h5Mhgg3+wT9hJn3mDU4nPZijp8rF7CPuEHgiohiliHlQtjUxiPI60vzr
 kEUqw0Cj41hMVMsJmgq2Pv01Mu1ZhzRncbhBkLD9jQGUqfJ+BR1/mrlgz8oXnZHoZ/
 iwmAno4J7Y61cL/GaE1VAUasMgA8+6igu4dR+PkvOoaP8LPOh4w8d4SKkoXgKuIcxm
 u6uNEM39J3fEw==
Original-Received: from alfajor (lechon.iro.umontreal.ca [132.204.27.242])
 by mail01.iro.umontreal.ca (Postfix) with ESMTPSA id 75CAD1203A9;
 Tue,  2 Nov 2021 15:13:04 -0400 (EDT)
In-Reply-To: <835ytajsv2.fsf@gnu.org> (Eli Zaretskii's message of "Tue, 02 Nov
 2021 20:49:05 +0200")
Received-SPF: pass client-ip=132.204.25.50;
 envelope-from=monnier@iro.umontreal.ca; helo=mailscanner.iro.umontreal.ca
X-Spam_score_int: -42
X-Spam_score: -4.3
X-Spam_bar: ----
X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:278519
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/278519>

> You cannot see those characters on a screenshot, for the same reason
> you cannot see any whitespace characters on a screenshot: they are
> only discernible when you move cursor through them.  Which is why I
> asked how are you looking for them.  If you are looking for them in a
> screenshot, you will never see them.

But that's the core of the vulnerability: if you just look at the screen
(and just scroll through it) you will have an incorrect understanding of
what the code does.

It's good that such bidi override chars are displayed as a thin space,
but it's mostly useful to make it possible to edit them (or to `C-x =`
on them), but I don't think it makes a significant different in terms of
the security issues introduced by the presence of those chars in the code.


        Stefan