From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Random832 Newsgroups: gmane.emacs.devel Subject: Re: [PATCH] Add shell-quasiquote. Date: Sun, 18 Oct 2015 08:59:32 -0400 Message-ID: <87io648h8r.fsf@fastmail.com> References: <87si59wj42.fsf@T420.taylan> <83eggt4esi.fsf@gnu.org> <87fv19wh7b.fsf@T420.taylan> <83bnbx4d7e.fsf@gnu.org> <87twppuzfu.fsf@T420.taylan> <83a8rh48if.fsf@gnu.org> <87io65utmt.fsf@T420.taylan> <5622B337.4050700@yandex.ru> <876125uqzw.fsf@T420.taylan> <5622BE84.8030209@yandex.ru> <87twpptato.fsf@T420.taylan> <87pp0cehly.fsf@gmx.de> <878u70trqz.fsf@T420.taylan> <87si58phte.fsf@gmx.de> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Trace: ger.gmane.org 1445173221 13587 80.91.229.3 (18 Oct 2015 13:00:21 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 18 Oct 2015 13:00:21 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Oct 18 15:00:07 2015 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1ZnnZG-0003xO-9e for ged-emacs-devel@m.gmane.org; Sun, 18 Oct 2015 15:00:06 +0200 Original-Received: from localhost ([::1]:33636 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZnnZF-00080a-MM for ged-emacs-devel@m.gmane.org; Sun, 18 Oct 2015 09:00:05 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:52289) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZnnZB-00080M-R8 for emacs-devel@gnu.org; Sun, 18 Oct 2015 09:00:02 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZnnZ6-00064R-SF for emacs-devel@gnu.org; Sun, 18 Oct 2015 09:00:01 -0400 Original-Received: from plane.gmane.org ([80.91.229.3]:43252) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZnnZ6-00064L-L0 for emacs-devel@gnu.org; Sun, 18 Oct 2015 08:59:56 -0400 Original-Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1ZnnZ5-0003lB-0W for emacs-devel@gnu.org; Sun, 18 Oct 2015 14:59:55 +0200 Original-Received: from c-68-39-146-59.hsd1.in.comcast.net ([68.39.146.59]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 18 Oct 2015 14:59:54 +0200 Original-Received: from random832 by c-68-39-146-59.hsd1.in.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 18 Oct 2015 14:59:54 +0200 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 55 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: c-68-39-146-59.hsd1.in.comcast.net User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) Cancel-Lock: sha1:c7FvM51DBujqpzgvz9mXKHmUc3g= X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 80.91.229.3 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:191941 Archived-At: Michael Albinus writes: > PS: I'm working as Security Consultant, and so I am paranoid per > definition. But I'm not *such* paranoid until I see there are good > reasons for. I do think it's disappointing that people are having such a cavalier attitude about this... The documentation does say: | Precisely what this function does depends on your operating | system. The function is designed to work with the syntax of your | system’s standard shell; if you use an unusual shell, you will | need to redefine this function. But it doesn't bother explaining what operating systems it works on, what is an unusual shell, or that _not_ having it defined in a way consistent with the shell has security implications. I think this has contributed to Taylan having a "gut feeling" that it may not be secure on Windows, because it is difficult to understand the implementation and is not well-documented and the attitude is not a good sign. For example, ^-quoting is only applied if [%!"] are present, but is applied to [%!()"<>&|^]. Why? Who knows? The linked documentation for CommandLineToArgV provides no insight about this second level of quoting. Why does ms-dos have separate logic from nt? And I know there's nothing to be done for it, but the fact that it does not have any way to escape wildcards is concerning. I think it would be reasonable for it to be an error if a character that it doesn't know how to handle or can't handle is present, rather than just muddle through. The whole point of having a function is to get it right; if you don't care about that then (format "command \"%s\"" filename) is good enough for 95% of usage. Speaking of Tramp, what if the local shell is not the same as the remote shell? And I don't see how the commands it runs "require a bournish shell" at all. they require that the commands themselves exist, but that's nothing to do with the shell. Tramp also (as of Emacs 24.5) wraps shell-quote-argument in its own logic which fixes a newline handling bug that is no longer present. Which also violates the "don't reinvent the wheel" policy - the fix should have been submitted to shell-quote-argument itself (as it ultimately was), and should never have been included in a version of tramp that shipped with Emacs. It even has a TODO item: ;; * Rewrite `tramp-shell-quote-argument' to abstain from using ;; `shell-quote-argument'. So much for not reinventing the wheel.