GNU bug report logs - #4218
Security assertion needs modification or more detail


Package: emacs

Reported by: Reuben Thomas <rrt <at> sc3d.org>

Date: Thu, 20 Aug 2009 23:50:04 UTC

Severity: normal

Done: Chong Yidong <cyd <at> stupidchicken.com>

Bug is archived. No further changes may be made.



Report forwarded to bug-submit-list <at> lists.donarmstrong.com, Emacs Bugs <bug-gnu-emacs <at> gnu.org>:
bug#4218; Package emacs. (Thu, 20 Aug 2009 23:50:04 GMT)

Acknowledgement sent to Reuben Thomas <rrt <at> sc3d.org>:
New bug report received and forwarded. Copy sent to Emacs Bugs <bug-gnu-emacs <at> gnu.org>. (Thu, 20 Aug 2009 23:50:05 GMT)

Message #5 received at submit <at> emacsbugs.donarmstrong.com:

From: Reuben Thomas <rrt <at> sc3d.org>
To: bug-emacs <at> gnu.org
Subject: Security assertion needs modification or more detail
Date: Fri, 21 Aug 2009 00:40:56 +0100

The docstring for compile-command says: "This variable is safe as a
file local variable if its value satisfies the predicate `stringp'."
I'd say this is arguable, as it can be set to an arbitrary command
e.g. "send-me-all-your-passwords; make -k".

-- 
http://rrt.sc3d.org
Radiance is the appeasement of myth (Adorno)




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#4218; Package emacs. (Sat, 09 Jan 2010 21:18:01 GMT)

Message #8 received at 4218 <at> debbugs.gnu.org:

From: Chong Yidong <cyd <at> stupidchicken.com>
To: Reuben Thomas <rrt <at> sc3d.org>
Cc: 4218 <at> debbugs.gnu.org
Subject: Re: Security assertion needs modification or more detail
Date: Sat, 09 Jan 2010 16:17:22 -0500

> The docstring for compile-command says: "This variable is safe as a
> file local variable if its value satisfies the predicate `stringp'."
> I'd say this is arguable, as it can be set to an arbitrary command
> e.g. "send-me-all-your-passwords; make -k".

Thanks for the bug report.

I think the main risk occurs when the user has customized
compilation-read-command to nil, because then M-x compile does not issue
a prompt.  So, I've changed the predicate to consider compile-command
unsafe if compilation-read-command is nil.

We could be more aggressive and always consider compilation-command
unsafe, but I'm not sure that's warranted.  After all, there is the risk
that your makefile is malicious, anyway.
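
Added example, not part of the thread and not the Emacs source: a sketch of the kind of predicate the reply above describes, where a string value from a file counts as safe only while the confirmation prompt is enabled. The names my-build-command, my-build-read-command and my-build-command-verdicts are hypothetical stand-ins for compile-command and compilation-read-command; safe-local-variable-p and safe-local-variable-values are the existing Emacs facilities.

```elisp
;;; Added illustration. Run with: emacs --batch -l this-file.el
;;; The my-build-* names are hypothetical, not Emacs variables.

(defvar my-build-read-command t
  "Non-nil means the build command is shown for confirmation before it runs.")

(defvar my-build-command "make -k"
  "Shell command run by a hypothetical build function.")

;; The `safe-local-variable' property holds a predicate.  Emacs calls it
;; with the value found in a file's local variables section and applies
;; the value without asking only when the predicate returns non-nil.
;; Here a string is accepted only while the confirmation prompt is on.
(put 'my-build-command 'safe-local-variable
     (lambda (value)
       (and (stringp value) my-build-read-command)))

(defun my-build-command-verdicts (value)
  "Return (WITH-PROMPT . WITHOUT-PROMPT) safety verdicts for VALUE."
  ;; Ignore values the user approved in earlier sessions, so that only
  ;; the predicate decides.
  (let ((safe-local-variable-values nil))
    (cons (let ((my-build-read-command t))
            (and (safe-local-variable-p 'my-build-command value) t))
          (let ((my-build-read-command nil))
            (and (safe-local-variable-p 'my-build-command value) t)))))

;; Constructed sample values: an ordinary command string, a non-string,
;; and a string chaining two commands.  The predicate cannot tell the two
;; strings apart, which is why the prompt setting is part of the check.
(dolist (value '("make -k" 42 "first-command; make -k"))
  (message "%S -> %S" value (my-build-command-verdicts value)))
```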




bug closed, send any further explanations to Reuben Thomas <rrt <at> sc3d.org> Request was from Chong Yidong <cyd <at> stupidchicken.com> to control <at> debbugs.gnu.org. (Wed, 30 Jun 2010 20:20:03 GMT)

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 29 Jul 2010 11:24:03 GMT)
