From: ludo@gnu.org (Ludovic Courtès)
Newsgroups: gmane.lisp.guile.devel
Subject: Re: [PATCH] Do not scan for coding declarations in open-file
Date: Thu, 31 Jan 2013 22:51:58 +0100
Message-ID: <878v79ja0x.fsf@gnu.org>
Cc: Andy Wingo, guile-devel@gnu.org
To: Mark H Weaver

Mark H Weaver wrote:

> My position is that the current coding-auto-detection behavior of
> 'open-file' is likely to lead to security flaws in software built using
> Guile. The issue is that programs that receive text from an untrusted
> source, write those strings to a file, and then read them back in, are
> potentially vulnerable to hostile coding declarations inserted within
> those strings.

The way Emacs handles this is that it detects the ‘coding:’ cookie and automatically switches the encoding accordingly.

Just mentioning it, because we seem to be hesitant between two opposite solutions in the design space: one is Emacs, designed to make things work by default in practical cases, and the other is POSIX, designed to leave programmers with all the power of a chainsaw.

Ludo’.
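
The round trip described in the quoted paragraph, modelled in Python as an added example; it is not code from this thread or from Guile. The cookie regex, the 500-byte scan window, the `<` filter and the sample text are assumptions made for illustration.

```python
import codecs
import os
import re
import tempfile

# Assumed model of an auto-detecting reader; this is not Guile's scanner.
CODING_RE = re.compile(rb"coding[:=]\s*([-\w.]+)")
SCAN_BYTES = 500  # assumed size of the window scanned for a declaration

def declared_encoding(raw, default="utf-8"):
    """Return the encoding named by a 'coding:' cookie, else the default."""
    m = CODING_RE.search(raw[:SCAN_BYTES])
    if not m:
        return default
    name = m.group(1).decode("ascii")
    try:
        codecs.lookup(name)
    except LookupError:
        return default
    return name

def is_acceptable(text):
    """Hypothetical application check run before the text is stored."""
    return "<" not in text

def read_autodetect(path):
    """Decode with whatever encoding the file content itself declares."""
    with open(path, "rb") as f:
        raw = f.read()
    return raw.decode(declared_encoding(raw), errors="replace")

def read_fixed(path):
    """Decode with the encoding the program chose when it wrote the file."""
    with open(path, "rb") as f:
        return f.read().decode("utf-8")

# Constructed sample of untrusted text carrying its own coding declaration.
UNTRUSTED = "note -*- coding: utf-7 -*-\nhello +ADw-b+AD4-\n"

def round_trip(text):
    """Write text as UTF-8, then read it back both ways."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(text.encode("utf-8"))
        return read_autodetect(path), read_fixed(path)
    finally:
        os.remove(path)
```

With the fixed-encoding reader the stored text comes back unchanged; with the auto-detecting reader the same bytes decode to a string that the check applied before storing would have rejected.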