On Sun, 30 Aug 2020, Craig Sanders wrote: > On Tue, Aug 18, 2020 at 04:54:08PM +1000, Mark Trickett wrote: > > I do understand that there can be security issues if used without a measure > > of care and thoughtful, but it also has much merit when coping with some of > > the regular expressions that come up as examples in email and on web pages. > > the "security issues" comes from blindly executing code/commands that you > don't understand. > > treat everything as just an example that needs further research. never execute > something posted by someone else(*) unless you know what it does and how and > why.
It theoretically is not safe to simple paste the selection into an editor before vetting it. Through CSS and javascript, what you select in a browser and what ends up in the copy-paste buffer are frequently different. That copy paste buffer may contain ANSI-escape sequences to exit your editor and run a command directly. https://news.ycombinator.com/item?id=10554679 https://security.stackexchange.com/questions/39118/how-can-i-protect-myself-from-this-kind-of-clipboard-abuse -- Tim Connors _______________________________________________ luv-main mailing list [email protected] https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
