GNU bug report logs - #45198
28.0.50; Sandbox mode

Previous Next

Package: emacs;

Reported by: Stefan Monnier <monnier <at> iro.umontreal.ca>

Date: Sat, 12 Dec 2020 18:20:02 UTC

Severity: normal

Tags: patch

Found in version 28.0.50

Full log

View this message in rfc822 format

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: bzg <at> gnu.org, 45198 <at> debbugs.gnu.org, joaotavora <at> gmail.com
Subject: bug#45198: 28.0.50; Sandbox mode
Date: Sat, 12 Dec 2020 16:06:54 -0500

>>  static void
>>  redisplay_internal (void)
>>  {
>> +  /* Not sure if it's important to avoid redisplay inside a sandbox,
>> +     but it seems safer to avoid risking introducing security holes via
>> +     image libraries and such.  */
>> +  ensure_no_sandbox ();
>
> You cannot usefully call error from redisplay.

Hmm... but this is at the entrance to redisplay, so I though it should
still be safe at that point.  If it's a problem we can replace the above
with

    if (emacs_is_sandboxed)
      return;


-- Stefan

This bug report was last modified 3 years and 7 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #45198 28.0.50; Sandbox mode

GNU bug report logs - #45198
28.0.50; Sandbox mode