>...but my experience working with /bin/sh in other matters over the years
>suggests that the safest thing to do is always to quote shell metacharacters
>you aren't deliberately intending to interpret.
Right, but think about what is happening here. We are passing this
arbitrary text to user-controlled command line which might possibly be
in their .mh_profile. Is %{name} surrounded by double quotes? By single
quotes? By any quotes at all? Different quoting rules for each! I think
trying to intuit the right quoting rules is nearly impossible. I suppose
we could in theory see if %{xxx} is quoted, but it might be part of some
other quoted string, e.g.: "Now displaying %{name}" or whatever. It just
seems like any solution here is going to be super-fragile and we're going
to run into someone where it doesn't work for them.
That's why I am thinking that for THIS case, anything that ends up as
a shell metacharacter should be stripped out. Or ... we decide on a
very specific set of interface rules and document them completely.
--Ken
--
Nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers
