[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bracketed paste causes readline() to return multiple lines
|
From: |
Karl O. Pinc |
|
Subject: |
Re: Bracketed paste causes readline() to return multiple lines |
|
Date: |
Tue, 2 Jan 2024 16:08:01 -0600 |
On Tue, 2 Jan 2024 16:43:40 -0500
Chet Ramey <chet.ramey@case.edu> wrote:
> Bracketed paste is all or nothing: either it's on and everything that
> gets pasted is inserted into the line buffer, or it's off and every
> pasted character is treated as if it had been typed at the keyboard
> and causes execution of any readline function bound to it.
I tried to come up with a patch that exempts newlines from this
bracketed-paste behavior, per a config, because I believe it useful to
separate the "extra human review" of pasted text, that is signaled
"complete" when the user presses newline after pasting, from the
suppression of readline function execution. The latter being
useful to avoid surprises should the user paste text crafted
by an attacker that has "hidden" readline-function-invoking characters.
And the former being more like the --interactive flag for
cp or mv, an "ask me again" flag. Because if newline is causing
readline to do hidden, malicious, things all is already lost.
But my initial patch attempt failed and I've not gotten back to it.
FWIW, here's an example of text to paste which will "confuse"
bash with bracketed-paste on:
adduser --disabled-password foo
NEWHOME=~foo
Regards,
Karl <kop@karlpinc.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein