jed-users mailing list

[2003 Date Index] [2003 Thread Index] [Other years]
[Thread Prev] [Thread Next] [Date Prev] [Date Next]

Re: Re: [jed-users] setting programming style

Subject: Re: Re: [jed-users] setting programming style
From: Guenter Milde <milde@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Jan 2003 08:53:25 +0100 (CET)

On Thu, 16 Jan 2003 13:36:21 -0500 wrote "John E. Davis" <davis@xxxxxxxxxxxxx>:

> Paul Shirley <paul.shirley@xxxxxxxxxxxx> wrote:
> >The 'jump to error' support would make a good attack target for this 
> >(with a few gratuitous syntax errors in source packages)
> 
> Compile_Default_Compiler only has an effect on the regular expressions
> used when parsing compiler output.  The variables to worry about are
> those that determine what programs get run via, e.g., shell_cmd, etc.
> For example, XTerm_Pgm in runpgm.sl is one such variable. 
> 
> My suggestion is to require variables that specify programs to be run
> in a subshell should have names that end in "_Pgm".  That way, the code in
> modehook.sl warn the user if a file's mode statement tries to
> modify the value of such a variable.
> 
> This convention would also require the name changes:
> 
> acompile.sl:
>    Shell_Default_Shell  ==> Shell_Default_Shell_Pgm
>    Shell_Default_Interactive_Shell  ==> Shell_Default_Interactive_Shell_Pgm
> 
> docbook.sl
>    Sgml_Compile_PS_Cmd  ==> Sgml_Compile_PS_Pgm
>    Sgml_Compile_Pdf_Cmd  ==> Sgml_Compile_Pdf_Pgm
>    Sgml_Compile_Html_Cmd  ==> Sgml_Compile_Html_Pgm
>    Sgml_View_PS_Cmd  ==> Sgml_View_PS_Pgm
>    Sgml_View_Pdf_Cmd  ==> Sgml_View_Pdf_Pgm
>    Sgml_View_Html_Cmd  ==> Sgml_View_Html_Pgm
> 
> Are there any others?

There are quite a lot in my extension modes (published at jmr).

ishell.sl
>    IShell_Default_Shell  ==> IShell_Default_Shell_Pgm
>    IShell_Default_Interactive_Shell  ==> IShell_Default_Interactive_Shell_Pgm

grep.sl, ...
filelist.sl, ...
...

Actually, it seems not really secure to me to base security on a convention. I
like the idea of a whitelist far more.

On Fri, 17 Jan 2003 04:45:45 +0000 wrote Paul Shirley <paul.shirley@xxxxxxxxxxxx>:

> Using a whitelist as the primary security implies a deny-all policy. 
> Ship an empty whitelist and you can't possibly get it wrong ;)

Maybe one could allow the default action of setting the mode...

Günter

--
Milde at ife.et.tu-dresden.de


--------------------------
To unsubscribe send email to <jed-users-request@xxxxxxxxxxx> with
the word "unsubscribe" in the message body.
Need help? Email <jed-users-owner@xxxxxxxxxxx>.

References:
- RE: [jed-users] setting programming style
  - From: SANGOI DINO
- Re: [jed-users] setting programming style
  - From: Frank v Waveren
- Re: [jed-users] setting programming style
  - From: John E. Davis
- Re: [jed-users] setting programming style
  - From: Frank v Waveren
- Re: [jed-users] setting programming style
  - From: Paul Shirley
- Re: [jed-users] setting programming style
  - From: John E. Davis

[2003 date index] [2003 thread index]
[Thread Prev] [Thread Next] [Date Prev] [Date Next]