GNU bug report logs - #58774
29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

Previous Next

Package: emacs;

Reported by: Jean Louis <bugs <at> gnu.support>

Date: Tue, 25 Oct 2022 12:13:02 UTC

Severity: wishlist

Tags: wontfix

Found in version 29.0.50

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #14 received at submit <at> debbugs.gnu.org (full text, mbox):

From: "Dr. Arne Babenhauserheide" <arne_bab <at> web.de>
To: Jean Louis <bugs <at> gnu.support>
Cc: bug-gnu-emacs <at> gnu.org, emacs-orgmode <at> gnu.org
Subject: Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly
Date: Tue, 25 Oct 2022 23:54:46 +0200

[Message part 1 (text/plain, inline)]
Jean Louis <bugs <at> gnu.support> writes:

> * Dr. Arne Babenhauserheide <arne_bab <at> web.de> [2022-10-25 18:06]:
>> > This wish request is related to Emacs EWW and Org mode.
>> >
>> > Please make EWW recognize Org file when served by WWW server. Currently
>> > it does not recognize the MIME type text/x-org and opens the file as
>> > text, it does not invoke the org mode. In my opinion, it should.
>> 
>> This sounds dangerous. Org mode can execute untrusted code, so this
>> could trick people into running untrusted code with the permissions of
>> their Emacs.
>
> I can always do that in Emacs, execute untrusted code. There are no
> trust mechanisms for plethora of Emacs packages and codes distributed
> over Internet. 

All of the Emacs packages have some amount of implicit trust. Even melpa
carefully vets packages nowadays. That’s not the case for some website
you visit.

> That was not my request.
>
> Do you know how to make this work?

If you ask me whether I can make this work safely: This would first
require the introduction of a safe-org-mode which strictly disables all
features that can execute remote code or disguise unsafe operations as
safe ones. If a user then decides to explicitly call M-x org-mode,
that’s their problem.

If you ask me whether I know how to make this work unsafely: It likely
won’t need a lot of elisp reading, but I do not, because I do not look
for it, because if I did, I would not.

I do not want to be the one who caused the systems of eww users to get
breached, or who helped opening that security hole.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 1 year and 258 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.