Re: Pledge violations caused by editline

2021-06-10 Thread Leon Fischer
> From: "Theo de Raadt"
> Date: Thu, 10 Jun 2021 16:11:57 -0600
>
> I would argue for deleting that code. Here's the diff for that.
>
> A flag for el_set which *allows it* might work for me, but I anticipate
> this is a crazy feature that programs using the library would not expect,
> and the ri

Re: Pledge violations caused by editline

2021-06-10 Thread Theo de Raadt
Leon Fischer wrote:
> On the other hand, users could also bind it themselves in ~/.editrc and
> trigger pledge(2) violations in programs not designed for it. It won't
> be obvious to them why their shiny feature wouldn't work.

Let me explain the future. Pledge is now almost 6 years old, and it

Re: Pledge violations caused by editline

2021-06-10 Thread Theo de Raadt
I would argue for deleting that code.

A flag for el_set which *allows it* might work for me, but I anticipate this is a crazy feature that programs using the library would not expect, and the risks of abuse are clear.

Leon Fischer wrote:
> The editline(7) library has a little known feature: vi-

Pledge violations caused by editline

2021-06-10 Thread Leon Fischer
The editline(7) library has a little known feature: vi-histedit. When invoked, the command creates a file in /tmp and spawns vi(1) to edit it. This behavior is unaccounted for in the pledge(2) promises of bc(1) and fsdb(8).

Steps to reproduce:

$ echo "bind -v" >> ~/.editrc
$ bc
Abort trap (core