GNU bug report logs - #45198
28.0.50; Sandbox mode

Previous Next

Package: emacs;

Reported by: Stefan Monnier <monnier <at> iro.umontreal.ca>

Date: Sat, 12 Dec 2020 18:20:02 UTC

Severity: normal

Tags: patch

Found in version 28.0.50

Full log

Message #296 received at 45198 <at> debbugs.gnu.org (full text, mbox):

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Mattias Engdegård <mattiase <at> acm.org>
Cc: Alan Third <alan <at> idiocy.org>, 45198 <at> debbugs.gnu.org,
 Stefan Kangas <stefan <at> marxist.se>, Philipp <p.stephani2 <at> gmail.com>,
 João Távora <joaotavora <at> gmail.com>,
 Eli Zaretskii <eliz <at> gnu.org>
Subject: Re: bug#45198: 28.0.50; Sandbox mode
Date: Fri, 17 Sep 2021 09:20:50 -0400

> It's basically versions of `call-process` and `make-process` specialised for
> running batch-mode Emacs in a sandbox. The attached patch is a straw man
> proposal but that should serve as a starting point for agreement on what the
> interface might look like.

For `elpa-admin.el` we need a writable directory as well.
We also need the ability to run sub-processes.  Your `bwrap`
implementation for GNU/Linux should allow that, AFAICT, but I can't tell
if `darwin-sandbox-enter` also allows it.


        Stefan
This bug report was last modified 3 years and 7 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.