GNU bug report logs - #43071
Enable WebKit sandboxing

Previous Next

Package: emacs;

Reported by: Paul Eggert <eggert <at> cs.ucla.edu>

Date: Thu, 27 Aug 2020 13:15:02 UTC

Severity: normal

Tags: patch, security

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Paul Eggert <eggert <at> cs.ucla.edu>
Subject: bug#43071: closed (Re: bug#43071: Enable WebKit sandboxing)
Date: Sun, 25 Oct 2020 00:28:02 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#43071: Enable WebKit sandboxing

which was filed against the emacs package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 43071 <at> debbugs.gnu.org.

-- 
43071: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=43071
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Stefan Kangas <stefankangas <at> gmail.com>, 43071-done <at> debbugs.gnu.org
Cc: 44204 <at> debbugs.gnu.org, Qiantan Hong <qhong <at> mit.edu>,
 Jaesup Kwak <veshboo <at> gmail.com>, Robert Pluim <rpluim <at> gmail.com>,
 Jimmy Aguilar Mena <kratsbinovish <at> gmail.com>,
 Sungbin Jo <pcr910303 <at> icloud.com>
Subject: Re: bug#43071: Enable WebKit sandboxing
Date: Sat, 24 Oct 2020 17:27:08 -0700

No further comment, so I installed the WebKit sandboxing patch into the emacs-27 
branch on Savannah 
<https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-27&id=71661b287297f328c2c5ad67e180a760f80850cb>. 
After the next merge from emacs-27 to master, this patch should appear in the 
master branch. I am closing Bug#43071.

While testing the fix, I ran into a problem with xwidgets and filed Bug#44204 
"Emacs --with-xwidgets complains under Ubuntu 20.04" which you can see here:

https://bugs.gnu.org/44204

Has anyone had luck running Emacs --with-xwidgets under Ubuntu 20.04 or later? 
I'll cc. this to 44204 <at> debbugs.gnu.org to try to move that part of the 
discussion there.


[Message part 3 (message/rfc822, inline)]
From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Emacs bug reports and feature requests <bug-gnu-emacs <at> gnu.org>
Cc: Robert Pluim <rpluim <at> gmail.com>,
 Jimmy Aguilar Mena <kratsbinovish <at> gmail.com>, Jaesup Kwak <veshboo <at> gmail.com>,
 Qiantan Hong <qhong <at> mit.edu>, Sungbin Jo <pcr910303 <at> icloud.com>
Subject: Enable WebKit sandboxing
Date: Thu, 27 Aug 2020 06:14:37 -0700

[Message part 4 (text/plain, inline)]
Qiantan Hong suggested that Emacs should enable sandboxing in WebKit, for all 
the usual security reasons. (Thanks, Qiantan!)

Attached is a proposed patch to implement that suggestion; it's a bit fancier 
than what Qiantan originally proposed in 
<https://lists.gnu.org/r/emacs-devel/2020-08/msg00896.html> because it checks 
that WebKit 2.26 or later is in use, and it avoids a duplicate call to 
webkit_web_context_get_default. I'm cc'ing this to Qiantan and to other recent 
committers to xwidget.c, to get their opinions.

[0001-Use-WebKit-sandboxing.patch (text/x-patch, attachment)]
This bug report was last modified 4 years and 210 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.