On Sun, 30 Aug 2020, Craig Sanders wrote:
On Tue, Aug 18, 2020 at 04:54:08PM +1000, Mark Trickett wrote:
I do understand that there can be security issues if used without a measure of care and thoughtful, but it also has much merit when coping with some of the regular expressions that come up as examples in email and on web pages.
the "security issues" comes from blindly executing code/commands that you don't understand.
treat everything as just an example that needs further research. never execute something posted by someone else(*) unless you know what it does and how and why.
It theoretically is not safe to simple paste the selection into an editor before vetting it. Through CSS and javascript, what you select in a browser and what ends up in the copy-paste buffer are frequently different. That copy paste buffer may contain ANSI-escape sequences to exit your editor and run a command directly. https://news.ycombinator.com/item?id=10554679 https://security.stackexchange.com/questions/39118/how-can-i-protect-myself-... -- Tim Connors