Re: master 739593d 3/5: Make gnus-copy-file act like copy-file etc.

[Eli Zaretskii]

> From: Paul Eggert <address@hidden>
> Date: Wed, 13 Sep 2017 13:07:47 -0700
> Cc: address@hidden
> 
> On 09/13/2017 12:33 PM, Lars Ingebrigtsen wrote:
> > Breaking this ages-old (and convenient) behaviour doesn't seem like a
> > good idea to me either.
> 
> It's an area where convenience and security collide. I'm open to 
> suggestions to restoring convenience, but would rather not see security 
> holes reintroduced.

I thought we agreed that the security issue is less of a concern in
interactive use of these functions, because interactive invocations
are less predictable, whereas the attack scenario in this case
requires that the attacker know in advance that Emacs will issue a
certain system call.

Based on that, I believe we agreed to leave the interactive behavior
alone, and only change the non-interactive one.