Re: [CEDET-devel] A couple of fixes

[Dave A. <da...@bo...>]

on Thu Sep 27 2012, "Eric M. Ludlam" <ericludlam-AT-gmail.com> wrote:

> On 09/27/2012 04:31 PM, David Engster wrote:
>> Dave Abrahams writes:
>>> I realize that's probably what was intended, but really, IMO even
>>> issuing a warning is unacceptable for an existing interface, used
>>> correctly.  Existing packages shouldn't start spewing warnings when
>>> EIEIO is upgraded.  That's why I split it into two functions.  I suggest
>>> that the old function perhaps be deprecated.  Then perhaps you could
>>> issue a warning at compile-time when it's used; I don't know.
>>
>> I tend to agree, but it's Eric's call.
>>
>> -David
>>
>
> David is right, it was meant to only warn, not error.
>
> The reason it needs to warn is so that the user, not the developer, of
> tools using the old form of the call need to be aware that Emacs is
> about to run some random code off disk.
>
> The problem without the warning, and if GNUS never updated their code,
> is that someone could cause arbitrary Emacs code to run just by
> placing a special file somewhere that GNUS would pick it up.
>
> I know this makes life harder, since GNUS needs to deal with two forms
> of the same function to run in different flavors of Emacs.  Without
> the warning though, the potential security issue might never get
> fixed.

This makes sense; thanks for the explanation.

> Anyway, I checked in the change to only display the message and not
> error, so that should allow GNUs to work with just a message.  This
> already feels a bit lax to me, as if it should somehow stop and ask
> additional questions too.
>
> If the Emacs maintainers want to make the API change you suggest, I'm
> not overtly opposed to it.  My main concern is keeping things secure
> to a level they desire.

I won't pursue it; I think you made the right choice.

-- 
Dave Abrahams
BoostPro Computing                  Software Development        Training
http://www.boostpro.com             Clang/LLVM/EDG Compilers  C++  Boost