GNU bug report logs - #43071
Enable WebKit sandboxing

Previous Next

Package: emacs;

Reported by: Paul Eggert <eggert <at> cs.ucla.edu>

Date: Thu, 27 Aug 2020 13:15:02 UTC

Severity: normal

Tags: patch, security

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Jimmy Aguilar Mena <kratsbinovish <at> gmail.com>
To: Paul Eggert <eggert <at> cs.ucla.edu>
Cc: 43071 <at> debbugs.gnu.org, qhong <at> mit.edu, veshboo <at> gmail.com, rpluim <at> gmail.com, pcr910303 <at> icloud.com
Subject: bug#43071: Enable WebKit sandboxing
Date: Thu, 27 Aug 2020 20:14:25 +0200

[Message part 1 (text/plain, inline)]
It looks fine for me.

Maybe it should be added as a security patch for the 27.* branch.

On Thu, 27 Aug 2020 at 15:14, Paul Eggert <eggert <at> cs.ucla.edu> wrote:

> Qiantan Hong suggested that Emacs should enable sandboxing in WebKit, for
> all
> the usual security reasons. (Thanks, Qiantan!)
>
> Attached is a proposed patch to implement that suggestion; it's a bit
> fancier
> than what Qiantan originally proposed in
> <https://lists.gnu.org/r/emacs-devel/2020-08/msg00896.html> because it
> checks
> that WebKit 2.26 or later is in use, and it avoids a duplicate call to
> webkit_web_context_get_default. I'm cc'ing this to Qiantan and to other
> recent
> committers to xwidget.c, to get their opinions.
>

[Message part 2 (text/html, inline)]
This bug report was last modified 4 years and 210 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.