Re: Emacs Lisp's future

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emacs Lisp's future

From:	David Kastrup
Subject:	Re: Emacs Lisp's future
Date:	Mon, 06 Oct 2014 19:53:46 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.4.50 (gnu/linux)

"Stephen J. Turnbull" <address@hidden> writes:

> Eli Zaretskii writes:
>  > > From: Mark H Weaver <address@hidden>
>
>  > > It doesn't matter how these raw bytes are encoded internally.  No
>  > > matter what mechanism we use to accomplish it, propagating
>  > > invalid byte sequences by default is bad security policy.
>  > 
>  > How can we be responsible for byte streams that originated outside?
>
> By taking responsibility for them. ;-)
>
>  > That's the responsibility of the source.  And if there is a consumer,
>  > then it is their responsibility not to trip upon such bytes.
>
> Not in a security context.  In a security context, you want defense in
> depth: all separately developed components cooperate in covering up
> each others' bugs by handling input carefully and refusing to transmit
> broken output unless that is explicitly requested by the consumer (and
> you trust it to know what it's doing when it says, "don't worry, I can
> handle anything"!)

In a security relevant context, you would just not reencode before
passing the information back to the outside.

-- 
David Kastrup

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Emacs Lisp's future, (continued)

Prev by Date: Re: Overlay mechanic improvements
Next by Date: Re: Emacs Lisp's future
Previous by thread: Re: Emacs Lisp's future
Next by thread: Re: Emacs Lisp's future
Index(es):
- Date
- Thread