GNU bug report logs - #41619
[PATCH] Mark python-shell-virtualenv-root as safe local variable


Package: emacs;

Reported by: "Philip K." <philip.kaludercic <at> fau.de>

Date: Sat, 30 May 2020 20:32:02 UTC

Severity: normal

Tags: patch

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.



Message #13 received at 41619 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: 41619 <at> debbugs.gnu.org
Cc: eliz <at> gnu.org, philip.kaludercic <at> fau.de
Subject: Re: bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe
 local variable
Date: Sat, 13 Jun 2020 13:20:29 -0400

I don't understand how python-shell-virtualenv-root can be considered a
safe local variable. Surely it controls what "python" executable gets run.

As a test, I did:

python3 -m venv /tmp/foo

I then replaced /tmp/foo/bin/python with a shell-script:

 #!/bin/bash
 echo oh-oh

I then ran:

emacs -Q --eval '(setq python-shell-virtualenv-root "/tmp/foo")' -f python-mode
C-c C-p

This gives an inferior Python buffer with contents:

  oh-oh

  Process Python finished

In other words, this looks like a recipe for arbitrary code execution.
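
Added example (not part of the message above and not Emacs code): a reviewer-side check that reports files whose file-local variables set python-shell-virtualenv-root, the variable the message shows selecting the "python" executable. It assumes the two in-file forms of Emacs file-local variables (the `-*- ... -*-` header line and the `Local Variables:` list near the end of the file) and does not read `.dir-locals.el`; the function names, the `RISKY` set and the sample strings are constructed for illustration.

```python
import re

# Variables that choose which program Emacs launches. Only this one is named
# in the report; extending the set is left to the reviewer (assumption).
RISKY = {"python-shell-virtualenv-root"}

def _pairs(items):
    """Turn 'name: value' strings into (name, value) tuples; skip the rest."""
    out = []
    for item in items:
        name, sep, value = item.partition(":")
        if sep and name.strip():
            out.append((name.strip(), value.strip()))
    return out

def header_vars(text):
    """'-*- a: 1; b: 2 -*-' on line 1, or on line 2 when line 1 is a #! line."""
    lines = text.splitlines()[:2]
    if lines and not lines[0].startswith("#!"):
        lines = lines[:1]
    for line in lines:
        m = re.search(r"-\*-(.*?)-\*-", line)
        if m:
            return _pairs(m.group(1).split(";"))  # naive: ';' inside a value splits it
    return []

def block_vars(text):
    """'Local Variables:' ... 'End:' list within the last 3000 characters."""
    tail = text[-3000:]
    marks = list(re.finditer(r"^(.*?)Local Variables:[ \t]*(.*)$", tail, re.M | re.I))
    if not marks:
        return []
    last = marks[-1]
    # Text around the marker (e.g. a comment leader) is repeated on every line.
    prefix, suffix = last.group(1).strip(), last.group(2).strip()
    items = []
    for line in tail[last.end():].splitlines():
        line = line.strip()
        if prefix and line.startswith(prefix):
            line = line[len(prefix):]
        if suffix and line.endswith(suffix):
            line = line[:-len(suffix)]
        if line.strip().lower() == "end:":
            break
        items.append(line)
    return _pairs(items)

def find_risky(text):
    """Return (name, raw value) for every risky file-local setting in text."""
    return [(n, v) for n, v in header_vars(text) + block_vars(text) if n in RISKY]

# Constructed sample inputs, not taken from the report.
SAMPLE_HEADER = '#!/usr/bin/env python3\n# -*- mode: python; python-shell-virtualenv-root: "/tmp/foo" -*-\n'
SAMPLE_BLOCK = 'print("hi")\n# Local Variables:\n# python-shell-virtualenv-root: "/tmp/foo"\n# fill-column: 80\n# End:\n'
```
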




This bug report was last modified 5 years and 68 days ago.
