From: Reuben Thomas
To: bug-emacs@gnu.org
Subject: bug#4218: Security assertion needs modification or more detail
Date: Fri, 21 Aug 2009 00:40:56 +0100

The docstring for compile-command says: "This variable is safe as a
file local variable if its value satisfies the predicate `stringp'."
I'd say this is arguable, as it can be set to an arbitrary command
e.g. "send-me-all-your-passwords; make -k".

--
http://rrt.sc3d.org
Radiance is the appeasement of myth (Adorno)

From: Chong Yidong
To: Reuben Thomas
Cc: 4218@debbugs.gnu.org
Subject: bug#4218: Security assertion needs modification or more detail
Date: Sat, 09 Jan 2010 16:17:22 -0500
Message-ID: <87d41jt1ul.fsf@stupidchicken.com>

> The docstring for compile-command says: "This variable is safe as a
> file local variable if its value satisfies the predicate `stringp'."
> I'd say this is arguable, as it can be set to an arbitrary command
> e.g. "send-me-all-your-passwords; make -k".

Thanks for the bug report.  I think the main risk occurs when the user
has customized compilation-read-command to nil, because then M-x compile
does not issue a prompt.  So, I've changed the predicate to consider
compile-command unsafe if compilation-read-command is nil.

We could be more aggressive and always consider compilation-command
unsafe, but I'm not sure that's warranted.  After all, there is the risk
that your makefile is malicious, anyway.

From: Chong Yidong
To: control@debbugs.gnu.org
Subject: close 4218
Date: Wed, 30 Jun 2010 16:19:16 -0400

close 4218
thanks
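
The predicate change described in the second message, as an added Emacs Lisp example (not part of the thread and not Emacs's own source). The `demo-*` names are hypothetical, and the predicates are installed on a scratch symbol so the real `compile-command` property is left untouched.

```elisp
;;; Added example.  All demo-* names are hypothetical.
(require 'compile)   ; defines compile-command and compilation-read-command

;; The value quoted in the bug report.
(defconst demo-reported-value "send-me-all-your-passwords; make -k")

(defun demo-old-predicate (value)
  "The predicate the docstring described: any string counts as safe."
  (stringp value))

(defun demo-new-predicate (value)
  "The predicate as the reply describes it.
A string is safe only while `compilation-read-command' is non-nil,
that is, while M-x compile still shows the command in a prompt."
  (and (stringp value)
       (or (not (boundp 'compilation-read-command))
           compilation-read-command)))

(defun demo-accepted-p (predicate value read-command)
  "Return non-nil if VALUE passes the file-local safety check.
PREDICATE is installed as the `safe-local-variable' property of a
scratch symbol, and `compilation-read-command' is bound to
READ-COMMAND for the duration of the check."
  (let ((compilation-read-command read-command)
        ;; Ignore values the user has already marked safe.
        (safe-local-variable-values nil))
    (put 'demo-compile-command 'safe-local-variable predicate)
    ;; `safe-local-variable-p' is the check Emacs applies to each
    ;; file-local value.  A nil result means the value is not applied
    ;; silently; with the default `enable-local-variables' the user
    ;; is asked first.
    (safe-local-variable-p 'demo-compile-command value)))

;; Evaluate to compare the three cases:
;;   1. old predicate, prompt disabled
;;   2. new predicate, prompt disabled
;;   3. new predicate, prompt enabled (the default)
(list (demo-accepted-p #'demo-old-predicate demo-reported-value nil)
      (demo-accepted-p #'demo-new-predicate demo-reported-value nil)
      (demo-accepted-p #'demo-new-predicate demo-reported-value t))
```

The third case is the residual exposure the reply accepts: the value is still applied without a file-local prompt, and the only remaining check is the user reading the command that M-x compile shows.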