emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

address@hidden: Emacs security bug]


From: Eli Zaretskii
Subject: address@hidden: Emacs security bug]
Date: Sat, 10 May 2008 00:44:44 +0300

------- Start of forwarded message -------
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham 
        version=3.1.0
Date: Fri, 9 May 2008 12:45:25 -0400
From: "Morten Welinder" <address@hidden>
To: address@hidden
Subject: Emacs security bug

Hi there,

it's been a while or two -- DJGPP was hot, new technology when we last
spoke, :-)

It's unclear to me where to send Emacs security concerns, so I am sending
this one to you.  Please forward appropriately.

1. Create .emacs with contents
    (global-font-lock-mode t)
    (seq font-lock-support-mode 'fast-lock-mode)

2. Create foo.c with contents /* Nothing to see here */

3. Create foo.c.flc with contents (message "Something to see here!")

4. Start Emacs and load foo.c

- --> Observe that code from foo.c.flc is run.  Not good.
(This is with Emacs 21.3.1; XEmacs is also affected, although step 1 needs to
be adjusted.)

Suggestions:

a. Remove "." from fast-lock-cache-directories.  Littering little
files everywhere
    is not a good idea anyway.

b. Don't use load to handle the .flc file.  Instead read it into a
buffer and read
    one s-expression at a time and verify that it is sane before evaluating it.

c. Don't use files owned by anyone else.  This cannot stand alone, though, as
    it has a race condition.

Morten Welinder
------- End of forwarded message -------




reply via email to

[Prev in Thread] Current Thread [Next in Thread]