From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Stefan Monnier Newsgroups: gmane.emacs.devel Subject: Re: SES local variables to define printers Date: Sun, 26 May 2013 21:35:49 -0400 Message-ID: References: <801u8tcwtl.fsf@gmail.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1369618567 24443 80.91.229.3 (27 May 2013 01:36:07 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 27 May 2013 01:36:07 +0000 (UTC) Cc: emacs-devel@gnu.org To: Vincent =?iso-8859-1?Q?Bela=EFche?= Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon May 27 03:36:06 2013 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1UgmM0-00077k-46 for ged-emacs-devel@m.gmane.org; Mon, 27 May 2013 03:36:04 +0200 Original-Received: from localhost ([::1]:46948 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UgmLz-000680-Ku for ged-emacs-devel@m.gmane.org; Sun, 26 May 2013 21:36:03 -0400 Original-Received: from eggs.gnu.org ([208.118.235.92]:56758) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UgmLs-00067u-Gp for emacs-devel@gnu.org; Sun, 26 May 2013 21:36:01 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UgmLn-0004AO-IO for emacs-devel@gnu.org; Sun, 26 May 2013 21:35:56 -0400 Original-Received: from ironport2-out.teksavvy.com ([206.248.154.182]:54089) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UgmLn-0004AH-DY for emacs-devel@gnu.org; Sun, 26 May 2013 21:35:51 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av4EABK/CFHO+Lc3/2dsb2JhbABEvw4Xc4IeAQEEAVYjBQsLNBIUGA0kiB4GwS2RCgOkeoFegxM X-IPAS-Result: Av4EABK/CFHO+Lc3/2dsb2JhbABEvw4Xc4IeAQEEAVYjBQsLNBIUGA0kiB4GwS2RCgOkeoFegxM X-IronPort-AV: E=Sophos;i="4.84,565,1355115600"; d="scan'208";a="14539948" Original-Received: from 206-248-183-55.dsl.teksavvy.com (HELO pastel.home) ([206.248.183.55]) by ironport2-out.teksavvy.com with ESMTP/TLS/ADH-AES256-SHA; 26 May 2013 21:35:45 -0400 Original-Received: by pastel.home (Postfix, from userid 20848) id C2C8D631DE; Sun, 26 May 2013 21:35:49 -0400 (EDT) In-Reply-To: <801u8tcwtl.fsf@gmail.com> ("Vincent =?iso-8859-1?Q?Bela=EFch?= =?iso-8859-1?Q?e=22's?= message of "Sun, 26 May 2013 22:25:58 +0200") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 206.248.154.182 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:159821 Archived-At: > That would not really make it safer because any hacker could find the > `somewhere in the file' and put some malicious definition there. You'd check the function's safety when reading the file, of course, as it is done currently for the `printer' arg of ses-cell. > My concern was more about getting the system stuck, but you still have > the C-g Exactly: it allows denial-of-service kinds of attacks, but you can probably already get similar problems some other way (e.g. provide a `printer' argument that's a circular structure, so that the safety checking doesn't terminate). Stefan