Xref: utzoo alt.security:1615 comp.unix.sysv386:675 alt.bbs:3021
Path: utzoo!attcan!uunet!aplcen!samsung!zaphod.mps.ohio-state.edu!rpi!bu.edu!husc6!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: alt.security,comp.unix.sysv386,alt.bbs
Subject: Re: Here's how to stop shell escapes from vi
Message-ID: <1038:Sep2414:36:0390@kramden.acf.nyu.edu>
Date: 24 Sep 90 14:36:03 GMT
References: <924@mwtech.UUCP> <27387:Sep2320:07:3890@kramden.acf.nyu.edu> <1990Sep24.040745.10454@chinet.chi.il.us>
Organization: IR
Lines: 23

In article <1990Sep24.040745.10454@chinet.chi.il.us> les@chinet.chi.il.us (Leslie Mikesell) writes:
> In article <27387:Sep2320:07:3890@kramden.acf.nyu.edu> brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes:
> >    [ trash the colon with pty -0 tr \: \? | pty vi ]
> >I did mention that you have to set up appropriate macros as well, and
> >turn off keyboard interrupts. The only thing that you can't completely
> >control from within vi is the mapping of the colon---and my solution
> >handles that.
> Umm... Well, there's 'Q' to go to ex mode and stay there while you
> type sh,
  [ blah blah blah ]

Read my lips: ``The only thing that you can't completely control from
within vi is the mapping of the colon---and my solution handles that.''
You can map Q. You can map @. You can even map !---I didn't realize this
at first. You can map every single f-ing character the user can type.
Except the colon.

> Leaves something to 
> be desired as a form of security....

RTFABYFU.

---Dan