From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zsh-workers-return-41082-mason-zsh=primenet.com.au@zsh.org>
Received: (qmail 24152 invoked by alias); 10 May 2017 05:02:41 -0000
Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
List-Id: Zsh Workers List <zsh-workers.zsh.org>
List-Post: <mailto:zsh-workers@zsh.org>
List-Help: <mailto:zsh-workers-help@zsh.org>
X-Seq: 41082
Received: (qmail 7459 invoked from network); 10 May 2017 05:02:40 -0000
X-Qmail-Scanner-Diagnostics: from mail-ua0-f176.google.com by f.primenet.com.au (envelope-from <schaefer@brasslantern.com>, uid 7791) with qmail-scanner-2.11 
 (clamdscan: 0.99.2/21882. spamassassin: 3.4.1.  
 Clear:RC:0(209.85.217.176):SA:0(-2.8/5.0):. 
 Processed in 0.979622 secs); 10 May 2017 05:02:40 -0000
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on f.primenet.com.au
X-Spam-Level: 
X-Spam-Status: No, score=-2.8 required=5.0 tests=RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H2,SPF_PASS,T_DKIM_INVALID autolearn=unavailable
	autolearn_force=no version=3.4.1
X-Envelope-From: schaefer@brasslantern.com
X-Qmail-Scanner-Mime-Attachments: |
X-Qmail-Scanner-Zip-Files: |
Received-SPF: pass (ns1.primenet.com.au: SPF record at _netblocks.google.com designates 209.85.217.176 as permitted sender)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=brasslantern-com.20150623.gappssmtp.com; s=20150623;
        h=from:message-id:date:in-reply-to:comments:references:to:subject
         :mime-version;
        bh=sFaDNAESfvGIAtJTTsTIsMqNYK2M/UW9/cYFSN1/G5w=;
        b=CCl/c+HI/oWdNA+FcqhAir12LWAU5JKrj+aSoHg4IJ8gvBQaTOdZc2p2WQkyd16ou0
         cpZb8uF7fbZ4khioI5XfauXJUAkyekvy+m0Q0kKJ8Utmr4bl5P7GQL6TixTlw9WQBzni
         NCBajjmOlna6uj65NVImuDG+DhrsjsWirnIVdiky0m+niQnDH/C6zltVa7dsZHSSLKDq
         CYVTumdaZftECRsDXfDex9N51hU4RDumHzNgoR+bO8D2wsnDqezcUkdzHhK+Exs597sH
         fm+H8Yr1gh+9OKjiRJEL8eut3Rc20ivI2NbXoUV48L15Zf7iPCrx93hEgNq/wfmnF4jn
         e/Fg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:message-id:date:in-reply-to:comments
         :references:to:subject:mime-version;
        bh=sFaDNAESfvGIAtJTTsTIsMqNYK2M/UW9/cYFSN1/G5w=;
        b=cTgR9GmPkIrzCtynFUx4XZInUKnSwCMFVZfvFehOf755f7W4gPmXiYbsJIUZQUZer1
         5WyR+feA3OyulgcwaXVHgUTt3BjU3zUsUSrsUPMw4CzpLrqu6hlXEOKgkkU4RhKAUtvx
         XtUZykGRBb4whoJFCV6fqj31DQhzalQ1Q0PLkX3+Tdf3wIYx16QwQzAvUw2dnBcgBoUI
         mReTUlhOI41hbNahFJtgtr3IKj5QLeY+nYbeGIJetCN/vzyLa5yi1ddJkRDdoZ94eBTJ
         cKK9sW2vaB9Zp2EU0HKTEHCLEJk6AokunrUurYCISgtS+29aYU8Z0Ar9JselAnmm4YpB
         7ceQ==
X-Gm-Message-State: AODbwcDpcH1LDCei+neJcZnc4cKn2bLzghupNyYYHXNsRGSkPN/n5IAw
	m80cPayQnXmO/5vB
X-Received: by 10.176.17.94 with SMTP id g30mr1913152uac.125.1494392554485;
        Tue, 09 May 2017 22:02:34 -0700 (PDT)
From: Bart Schaefer <schaefer@brasslantern.com>
Message-Id: <170509220247.ZM7112@torch.brasslantern.com>
Date: Tue, 9 May 2017 22:02:47 -0700
In-Reply-To: <11381B06-E104-4785-8BB7-AC5E5B0296F0@nexenta.com>
Comments: In reply to Jan Kryl <jan.kryl@nexenta.com>
        "autocompletion is broken in restricted shell" (May  8, 11:38am)
References: <11381B06-E104-4785-8BB7-AC5E5B0296F0@nexenta.com>
X-Mailer: OpenZMail Classic (0.9.2 24April2005)
To: zsh-workers@zsh.org
Subject: Re: autocompletion is broken in restricted shell
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

I know Peter already committed the patch included with this, but I think
it's worth revisiting:

On May 8, 11:38am, Jan Kryl wrote:
}
} after we updated zsh to 5.3 autocompletion stopped to work for us in
} restricted shell. This is mainly due to "38692: IFS can't be changed
} in restricted mode".
[...]
} I suppose there is a good reason why setting IFS is not allowed in
} restricted mode

If you look at workers/38692 there is a URL linking to a security exploit 
that is made possible by changing $IFS.

} However at least I would like to fix another thing which breaks
} autocompletion and that is using write redirections in autocompletion
} code. That can be avoided by using 2>&- instead of 2>/dev/null.

As I said in workers/41075 I don't think this is useful.  It also is
applicable only in restricted mode.  Looking again at workers/38692
I quote:

>> I don't think we ever expect the completion system to work properly
>> in restricted mode, do we? I would generally expect that any
>> environment involving functions other than extremely trivial ones
>> can't rely on restricted mode.

If we're already admitting that compsys is too complex to be reliable
in restricted mode, I think we should not have applied a patch that
only matters in restricted mode and that might cause spurious errors
in the far more common case.