Re: [Emacs-diffs] master f373e81 1/2: New lispref section “Security Con

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Emacs-diffs] master f373e81 1/2: New lispref section “Security Con

From:	Stefan Monnier
Subject:	Re: [Emacs-diffs] master f373e81 1/2: New lispref section “Security Considerations”
Date:	Thu, 22 Oct 2015 00:15:13 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux)

>     * doc/lispref/os.texi (Security Considerations):
>     New node.

There's also the fact that various features like file-local variables
mean that opening /some/file/some/where can be dangerous if that file or
some parent directory is under the control of an attacker.

We do some effort to protect against such holes, but the risk is very
real: it only takes a single package setting safe-local-variable too
optimistically (such as elpa/packages/ada-mode recently, IIRC).


        Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Emacs-diffs] master f373e81 1/2: New lispref section “Security Considerations”, Stefan Monnier <=
- Re: [Emacs-diffs] master f373e81 1/2: New lispref section “Security Considerations”, Eli Zaretskii, 2015/10/22

Prev by Date: Re: [PATCH] Add shell-quasiquote.
Next by Date: Re: keys with meta-prefix cannot be longer than two chars?
Previous by thread: fix/ert-multiline-explanation
Next by thread: Re: [Emacs-diffs] master f373e81 1/2: New lispref section “Security Considerations”
Index(es):
- Date
- Thread