GNU bug report logs - #45198
28.0.50; Sandbox mode

Previous Next

Package: emacs;

Reported by: Stefan Monnier <monnier <at> iro.umontreal.ca>

Date: Sat, 12 Dec 2020 18:20:02 UTC

Severity: normal

Tags: patch

Found in version 28.0.50

Full log

View this message in rfc822 format

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: alan <at> idiocy.org, mattiase <at> acm.org, 45198 <at> debbugs.gnu.org, stefan <at> marxist.se, p.stephani2 <at> gmail.com, joaotavora <at> gmail.com
Subject: bug#45198: 28.0.50; Sandbox mode
Date: Sat, 17 Apr 2021 14:47:34 -0400

>> Normally, this untrusted ELisp code (the one present within
>> `eval-when-compile` and macros defined within the file) limits itself to
>> quite simple sexp manipulation, so the sandboxing can be quite
>> restrictive, disallowing things like user interaction, uses of
>> subprocesses, or writing to files.
> How is this different from byte-compiling some code, e.g. one
> downloaded from some elpa?

The normal way to enable flymake is something like

    (add-hook 'emacs-lisp-mode #'flymake-mode)

so the file gets compiled just because you're looking at it.
That's quite different from an explicit request from the user to compile
a file.


        Stefan
This bug report was last modified 3 years and 7 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.