GNU bug report logs -
#37656
27.0.50; Arbitrary code execution with special `mode:'
Previous Next
Reported by: adam plaice <plaice.adam+lists <at> gmail.com>
Date: Tue, 8 Oct 2019 08:49:02 UTC
Severity: normal
Tags: security
Found in version 27.0.50
Fixed in version 30.1
Done: Stefan Kangas <stefankangas <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
> So the deprecated approach isn't actually a factor here.
FWIW bug#8613 included a discussion of adding an optional `:risky'
argument to define-minor-mode. If RISKY were absent (or nil) then the
relevant minor mode function would have its `safe-local-eval-function'
property set to t. (Why a `:risky' argument rather than a `:safe'
one, would have been preferable, is discussed in the bug.) In the end,
this was not implemented, (and the alternative approach of treating
modes as a special case in `hack-one-local-variable-eval-safep', was
taken). It was decided to not be needed yet, as the case of an
unsafe minor mode was considered hypothetical.
> I think it goes further than just flymake support for Elisp: flymake
> support for other major modes may also end up running arbitrary code
> (tho it will depend on the specifics).
The advantage of being able to mark minor modes as "risky" would be
that it might help solve the issue for all flymake backends and for
any third-party minor modes which are unsafe, with minimal changes
needed for such backends/modes.
Adam
This bug report was last modified 126 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.