GNU bug report logs - #57878
Emacs native compilation on startup can crash the system

Previous Next

Full log

Message #49 received at 57878 <at> debbugs.gnu.org (full text, mbox):

From: Liliana Marie Prikler <liliana.prikler <at> gmail.com>
To: Max Brieiev <max.brieiev <at> gmail.com>
Cc: Konrad Hinsen <konrad.hinsen <at> fastmail.net>, "Thompson,
 David" <dthompson2 <at> worcester.edu>, 57878 <at> debbugs.gnu.org
Subject: Re: bug#57878: Minimal reproducible setup
Date: Thu, 13 Oct 2022 20:23:06 +0200

Am Donnerstag, dem 13.10.2022 um 12:31 +0300 schrieb Max Brieiev:
> > I think this reasoning really falls flat in presence of any non-
> > Emacs package manager.  Like, obviously wanting to natively compile
> > packages managed by (dpkg, rpm, pacman, emerge, guix), but not
> > natively compiling a random elisp script you just downloaded from
> > the web is a legitimate use case.
> 
> If security is a concern, you should not load random Elisp in the
> first place. It is much easier to just directly run harmful elisp,
> then to exploit native compiler, which stays silent until after you
> evaluate some (possibly harmful) elisp.
The nature of compiled code being compiled makes it much easier to
exploit, however.  Assume you have a genuine dash.el, but a malicious
person delivers you a dash.eln with some backdoor.  Unless you know how
to read x86 assembly, you won't debug the latter, whereas you could
reasonably find the former if you're an Elisp hacker.

This is typically not a concern for Guix, where the challenge mechanism
provides tools to highlight that something is going wrong, but it might
be a concern for traditional distros.  Then again, the same applies to
bytecode too, and here as well the solution is to typically use a
trusted package manager.

Cheers

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.