[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emac
From: |
tomas |
Subject: |
Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop |
Date: |
Thu, 9 Mar 2023 09:20:51 +0100 |
On Thu, Mar 09, 2023 at 09:19:53AM +0200, Eli Zaretskii wrote:
> > From: Po Lu <luangruo@yahoo.com>
> > Cc: Ulrich Mueller <ulm@gentoo.org>, rpluim@gmail.com, emacs-devel@gnu.org
> > Date: Thu, 09 Mar 2023 08:50:21 +0800
> >
> > Eli Zaretskii <eliz@gnu.org> writes:
> >
> > > I hope it is, but I thought this about Bash as well...
> >
> > sed is be portable as long as you avoid alternation, separators in
> > patterns, empty parenthesized patterns, character classes, nested
> > parentheses, and some other pitfalls which don't immediately come to
> > mind.
>
> I meant its being installed, not what it can portably accept. If
> there are GNU systems out there without Bash (oh, horror!), then
> anything goes.
>
> What next? GNU systems without Coreutils or Grep or Find? Systems
> without GCC (or any compiler) are already widespread. The end of the
> world must be near...
POSIX is a pretty respectable baseline one might want to target.
And guess what? Bash isn't the only POSIX shell.
Now a project like Emacs could just say "what do I care about
POSIX?". But that would be, IMHO, a disservice to free software.
Cheers
--
t
signature.asc
Description: PGP signature
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, (continued)
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Po Lu, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Eli Zaretskii, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Po Lu, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Eli Zaretskii, 2023/03/09
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Po Lu, 2023/03/09
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Manuel Giraud, 2023/03/09
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop,
tomas <=
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Po Lu, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Ulrich Mueller, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Eli Zaretskii, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Eli Zaretskii, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Robert Pluim, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Ulrich Mueller, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Robert Pluim, 2023/03/08
- Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, Eli Zaretskii, 2023/03/08