[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Emacs-diffs] /srv/bzr/emacs/emacs-24 r108098: * admin/bzrmerge.el (
|
From: |
Glenn Morris |
|
Subject: |
Re: [Emacs-diffs] /srv/bzr/emacs/emacs-24 r108098: * admin/bzrmerge.el (bzrmerge-resolve): Disable local eval:. |
|
Date: |
Fri, 10 Aug 2012 16:42:16 -0400 |
|
User-agent: |
Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
Stefan Monnier wrote:
> I had the impression that it only affects unusual configurations.
Non-default configs; don't know if I would say "unusual".
(setq enable-local-variables :safe)
is all you need.
There were a few places in Emacs that use that setting (without setting
enable-local-eval to nil). I don't think any of them were obviously
exploitable though. The autoloads one is in theory:
mkdir /tmp/foo
cd /tmp/foo
cat <<EOF > foo.el
(setq foo t)
;; Local Variables:
;; eval: (shell-command "touch /tmp/OHDEAR")
;; End:
EOF
rm -f /tmp/OHDEAR
emacs-24.1 -Q -l autoload \
--eval "(setq generated-autoload-file \"$PWD/loaddefs.el\")" \
--batch -f batch-update-autoloads .
ls /tmp/OHDEAR
But I suppose no-one creates autoloads without also byte-compiling,
which could already eval arbitrary code.
But there could be some third-party code that binds
enable-local-variables to :safe around some operation, intending to make
things safer for the user, but actually doing the opposite.