GNU bug report logs - #43071
Enable WebKit sandboxing

Previous Next

Package: emacs;

Reported by: Paul Eggert <eggert <at> cs.ucla.edu>

Date: Thu, 27 Aug 2020 13:15:02 UTC

Severity: normal

Tags: patch, security

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: 43071 <at> debbugs.gnu.org
Cc: Robert Pluim <rpluim <at> gmail.com>, Jimmy Aguilar Mena <kratsbinovish <at> gmail.com>, Jaesup Kwak <veshboo <at> gmail.com>, Qiantan Hong <qhong <at> mit.edu>, Sungbin Jo <pcr910303 <at> icloud.com>
Subject: bug#43071: Enable WebKit sandboxing
Date: Thu, 27 Aug 2020 06:14:37 -0700

[Message part 1 (text/plain, inline)]
Qiantan Hong suggested that Emacs should enable sandboxing in WebKit, for all 
the usual security reasons. (Thanks, Qiantan!)

Attached is a proposed patch to implement that suggestion; it's a bit fancier 
than what Qiantan originally proposed in 
<https://lists.gnu.org/r/emacs-devel/2020-08/msg00896.html> because it checks 
that WebKit 2.26 or later is in use, and it avoids a duplicate call to 
webkit_web_context_get_default. I'm cc'ing this to Qiantan and to other recent 
committers to xwidget.c, to get their opinions.

[0001-Use-WebKit-sandboxing.patch (text/x-patch, attachment)]
This bug report was last modified 4 years and 210 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.