From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: taylanbayirli@gmail.com (Taylan Ulrich =?utf-8?Q?Bay=C4=B1rl=C4=B1?=
	=?utf-8?Q?=2FKammer?=)
Newsgroups: gmane.emacs.devel
Subject: Re: [PATCH] Add shell-quasiquote.
Date: Sun, 18 Oct 2015 15:36:24 +0200
Message-ID: <87oafws3hj.fsf@T420.taylan>
References: <87si59wj42.fsf@T420.taylan> <83eggt4esi.fsf@gnu.org>
	<87fv19wh7b.fsf@T420.taylan> <83bnbx4d7e.fsf@gnu.org>
	<87twppuzfu.fsf@T420.taylan> <83a8rh48if.fsf@gnu.org>
	<87io65utmt.fsf@T420.taylan> <5622B337.4050700@yandex.ru>
	<876125uqzw.fsf@T420.taylan> <5622BE84.8030209@yandex.ru>
	<87twpptato.fsf@T420.taylan> <87pp0cehly.fsf@gmx.de>
	<878u70trqz.fsf@T420.taylan> <87si58phte.fsf@gmx.de>
	<87io648h8r.fsf@fastmail.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Trace: ger.gmane.org 1445175408 12040 80.91.229.3 (18 Oct 2015 13:36:48 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Sun, 18 Oct 2015 13:36:48 +0000 (UTC)
Cc: emacs-devel@gnu.org
To: Random832 <random832@fastmail.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Oct 18 15:36:48 2015
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Zno8j-0005GT-GF
	for ged-emacs-devel@m.gmane.org; Sun, 18 Oct 2015 15:36:45 +0200
Original-Received: from localhost ([::1]:34042 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Zno8i-0002sU-He
	for ged-emacs-devel@m.gmane.org; Sun, 18 Oct 2015 09:36:44 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:58203)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <taylanbayirli@gmail.com>) id 1Zno8U-0002sG-1b
	for emacs-devel@gnu.org; Sun, 18 Oct 2015 09:36:31 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <taylanbayirli@gmail.com>) id 1Zno8S-0006tj-Vk
	for emacs-devel@gnu.org; Sun, 18 Oct 2015 09:36:29 -0400
Original-Received: from mail-wi0-x22e.google.com ([2a00:1450:400c:c05::22e]:38182)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <taylanbayirli@gmail.com>) id 1Zno8S-0006tf-P8
	for emacs-devel@gnu.org; Sun, 18 Oct 2015 09:36:28 -0400
Original-Received: by wicll6 with SMTP id ll6so65444483wic.1
	for <emacs-devel@gnu.org>; Sun, 18 Oct 2015 06:36:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=from:to:cc:subject:references:date:in-reply-to:message-id
	:user-agent:mime-version:content-type:content-transfer-encoding;
	bh=/fPeGf2E7tyKl9b4GTTQknJqdx2C50uJlrXz2dLNXvw=;
	b=N8KSAry1ei0Lkg0ExDOcDVZ1GQTl+nDGmWFUlOMpqJT3V3NmT5qxI78QRXn7EOYS7g
	QLEp9R0WbHnp1h+LV8qxChU5hReUcjL/DshYSSSeE20krDWA64P5cRjfg/Q5NafRSa+J
	9Tslcsm9yQVMrlSRG9FIIesLiB92atNRDCEp9MVgdrShiR/hhSj6inDsGNWmUDqVLO5N
	TV6AyC4/g6PG7x+BiIS8sY24ey2X6Vf9856Wq8BOUMHtxQKvuzDNqGo0sJDt6g5bVEpH
	/i6VGuwLTv7+7+3v4s+kuPMgpKdnHdZpxORr1fcJgzgssP4pC6NYvngYyVntg6qwv4bc
	xQaQ==
X-Received: by 10.194.52.67 with SMTP id r3mr31959827wjo.51.1445175386056;
	Sun, 18 Oct 2015 06:36:26 -0700 (PDT)
Original-Received: from T420.taylan ([2a02:908:c32:4740:221:ccff:fe66:68f0])
	by smtp.gmail.com with ESMTPSA id
	lb10sm34101320wjc.9.2015.10.18.06.36.24
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sun, 18 Oct 2015 06:36:24 -0700 (PDT)
In-Reply-To: <87io648h8r.fsf@fastmail.com> (Random's message of "Sun, 18 Oct
	2015 08:59:32 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
	(bad octet value).
X-Received-From: 2a00:1450:400c:c05::22e
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:191947
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/191947>

Random832 <random832@fastmail.com> writes:

> Michael Albinus <michael.albinus@gmx.de> writes:
>> PS: I'm working as Security Consultant, and so I am paranoid per
>> definition. But I'm not *such* paranoid until I see there are good
>> reasons for.
>
> I do think it's disappointing that people are having such a cavalier
> attitude about this...
>
> The documentation does say:
>
> | Precisely what this function does depends on your operating
> | system. The function is designed to work with the syntax of your
> | system=E2=80=99s standard shell; if you use an unusual shell, you will
> | need to redefine this function.

Oh!  I had not looked at the Info manual at all.  As you say though, it
doesn't go into much more detail on the exact semantics anyway, so no
improvement there.

> But it doesn't bother explaining what operating systems it works on,
> what is an unusual shell, or that _not_ having it defined in a way
> consistent with the shell has security implications.
>
> I think this has contributed to Taylan having a "gut feeling" that
> it may not be secure on Windows, because it is difficult to
> understand the implementation and is not well-documented and the
> attitude is not a good sign. For example, ^-quoting is only applied
> if [%!"] are present, but is applied to [%!()"<>&|^]. Why? Who
> knows? The linked documentation for CommandLineToArgV provides no
> insight about this second level of quoting. Why does ms-dos have
> separate logic from nt?
>
> And I know there's nothing to be done for it, but the fact that it
> does not have any way to escape wildcards is concerning. I think it
> would be reasonable for it to be an error if a character that it
> doesn't know how to handle or can't handle is present, rather than
> just muddle through. The whole point of having a function is to get
> it right; if you don't care about that then (format "command \"%s\""
> filename) is good enough for 95% of usage.
>
>
> Speaking of Tramp, what if the local shell is not the same as the
> remote shell? And I don't see how the commands it runs "require a
> bournish shell" at all. they require that the commands themselves
> exist, but that's nothing to do with the shell.
>
> Tramp also (as of Emacs 24.5) wraps shell-quote-argument in its own
> logic which fixes a newline handling bug that is no longer present.
> Which also violates the "don't reinvent the wheel" policy - the fix
> should have been submitted to shell-quote-argument itself (as it
> ultimately was), and should never have been included in a version of
> tramp that shipped with Emacs.
>
> It even has a TODO item:
>
> ;; * Rewrite `tramp-shell-quote-argument' to abstain from using
> ;;   `shell-quote-argument'.
>
> So much for not reinventing the wheel.

Thank you. :-)

Taylan