-----BEGIN PGP SIGNED MESSAGE-----
on 02/26/2009 04:05 PM Stephen J. Turnbull said the following:
...but there are so many ways to get code executed in Emacsen I
shiver to think there's anybody out there who would refuse to use an
Emacs without a patch for this bug, but would use an Emacs with a
patch for it.
The issue, I believe, is the silent (i.e. inadvertent) execution of
code, say "rm -rf $HOME &".
Before we go spending energy on alleged security bugs, we should
more carefully about what we want our security posture to be. I note
that the Python developers eventually gave up on "restricted mode",
Agreed. I don't recall any such discussion, but maybe there has been.
- --- Vladimir
Vladimir G. Ivanovic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
XEmacs-Beta mailing list