From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Stephen J. Turnbull" Newsgroups: gmane.emacs.devel Subject: Re: [PATCH] Add shell-quasiquote. Date: Mon, 19 Oct 2015 13:32:51 +0900 Message-ID: <22052.29299.917171.338544@turnbull.sk.tsukuba.ac.jp> References: <87si59wj42.fsf@T420.taylan> <83eggt4esi.fsf@gnu.org> <87fv19wh7b.fsf@T420.taylan> <83bnbx4d7e.fsf@gnu.org> <87twppuzfu.fsf@T420.taylan> <83a8rh48if.fsf@gnu.org> <87io65utmt.fsf@T420.taylan> <5622B337.4050700@yandex.ru> <876125uqzw.fsf@T420.taylan> <5622BE84.8030209@yandex.ru> <87twpptato.fsf@T420.taylan> <87pp0cehly.fsf@gmx.de> <878u70trqz.fsf@T420.taylan> <87si58phte.fsf@gmx.de> <87io648h8r.fsf@fastmail.com> <83oafwhykw.fsf@gnu.org> <8737x87zq6.fsf@fastmail.com> <83fv18hs32.fsf@gnu.org> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Trace: ger.gmane.org 1445229205 27209 80.91.229.3 (19 Oct 2015 04:33:25 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 19 Oct 2015 04:33:25 +0000 (UTC) Cc: Random832 , emacs-devel@gnu.org To: Eli Zaretskii Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Oct 19 06:33:20 2015 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Zo28N-0002T9-1Z for ged-emacs-devel@m.gmane.org; Mon, 19 Oct 2015 06:33:19 +0200 Original-Received: from localhost ([::1]:36418 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Zo28L-0006fw-QQ for ged-emacs-devel@m.gmane.org; Mon, 19 Oct 2015 00:33:17 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:45079) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Zo288-0006fq-Er for emacs-devel@gnu.org; Mon, 19 Oct 2015 00:33:05 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Zo287-0001ro-KG for emacs-devel@gnu.org; Mon, 19 Oct 2015 00:33:04 -0400 Original-Received: from turnbull.sk.tsukuba.ac.jp ([130.158.96.25]:56130) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Zo283-0001rI-As; Mon, 19 Oct 2015 00:32:59 -0400 Original-Received: from steve by turnbull.sk.tsukuba.ac.jp with local (Exim 4.86) (envelope-from ) id 1Zo27w-00035v-4H; Mon, 19 Oct 2015 13:32:52 +0900 In-Reply-To: <83fv18hs32.fsf@gnu.org> X-Mailer: VM 8.0.12-devo-585 under 21.5 (beta34) "kale" 698a9aa86de4 XEmacs Lucid (x86_64-apple-darwin14.5.0) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: steve@turnbull.sk.tsukuba.ac.jp X-SA-Exim-Scanned: No (on turnbull.sk.tsukuba.ac.jp); SAEximRunCond expanded to false X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 130.158.96.25 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:192027 Archived-At: Eli Zaretskii writes: > Random832 writes: > > Yes, sorry. A typical Windows program (at least, one compiled with > > MSVC's setargv.obj) will try to interpret wildcards in any part of > > CommandLineToArgv's result which contains a ? or * character, with > > no provision to prevent it from doing so. (In particular, double > > quotes have no effect). > > This actually depends on the startup code. The latest release of > mingw.org's MinGW runtime does allow you to quote wildcard characters. > And on Windows XP and older even the other runtimes allow that. > > In any case, this is not an Emacs problem. Of course it is, in a security context. I don't think it matters anywhere near as much as code injection, but if Emacs is built with one of those runtimes that doesn't allow wildcards to be disabled, its users will be affected. I think it probably can be immediately judged irrelevant (and perhaps that's what you meant) if Emacs is normally built with a runtime that doesn't interpret quoted wildcards, and the runtimes that always interpret wildcards are not supported. But if Emacs is to meet modern security standards, that kind of thing needs to be considered and confirmed, and to that extent it *is* Emacs's problem. Clearly some developers of Emacs Lisp applications want Emacs to meet those standards. YMMV, and mine does: IMHO Emacs is unlikely to meet modern security standards in my lifetime. I am discouraged from even thinking about it when the advocates of security are passing strings to an unknown shell program and then complaining that Emacs's quoting function may be insecure. Putting a shell in the loop is already saying "Security? What, me worry??" After all, even if you check for POSIX, it might be a slightly dated installation of GNU Bash. :-(