GNU bug report logs -
#58774
29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly
Reported by: Jean Louis <bugs <at> gnu.support>
Date: Tue, 25 Oct 2022 12:13:02 UTC
Severity: wishlist
Tags: wontfix
Found in version 29.0.50
Done: Stefan Kangas <stefankangas <at> gmail.com>
Bug is archived. No further changes may be made.
Message #46 received at 58774 <at> debbugs.gnu.org (full text, mbox):
Ihor Radchenko <yantar92 <at> posteo.net> writes:
> If necessary, we can introduce a special variable in Org mode that will
> disable all the potential third-party code evaluation, even if user has
> customized Org to execute code without prompt.
If that would be part of org-mode, this would be close to a
safe-org-mode.
An important part in what I wrote about safe-org-mode is that it has to
ensure that what is shown cannot trick the user into thinking something
else would get run.
A way to reduce risk would be to introduce a domain-allow-list (or
prefix-allow-list) in eww for filetypes that could be unsafe, so you
could for example add "orgmode.org" to your allowlist and for those
domains org-files would auto-open in org-mode.
Such security risks have a tendency of getting weaponized down the road
when they really hurt. Like when people didn’t care about npm
dependencies and had them suddenly deleting their files. And opening in
the currently used Emacs may give a malicious file access to remote
files opened via tramp, even if you (by virtue of being careful) require
a password for the connection to sensitive servers. That way, running
something in Emacs can be even more dangerous than running it in the
shell.
Best wishes,
Arne
--
To be unpolitical
means to be political
without noticing it.
draketo.de
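
Added example, not part of the message above and not code from eww or Org: one way the domain allow-list check proposed there could be written, comparing the parsed host on a label boundary. The names my-eww-org-allowed-domains, my-eww-org-domain-allowed-p and my-eww-org-mode-for are hypothetical, the https requirement is an assumption added here, and the sample URLs are constructed.

```elisp
;;; -*- lexical-binding: t -*-
(require 'url-parse)
(require 'seq)

;; Hypothetical user option; neither eww nor Org defines it.
(defvar my-eww-org-allowed-domains '("orgmode.org")
  "Domains whose Org files may be opened in `org-mode'.")

(defun my-eww-org-domain-allowed-p (url)
  "Return t if URL is an https Org file on an allow-listed domain.
The check compares the parsed host, never the raw URL string, so
text before an \"@\" or a longer host that merely contains an
allowed name does not match."
  (let* ((parsed (url-generic-parse-url url))
         (host (downcase (or (url-host parsed) "")))
         (path (or (car (url-path-and-query parsed)) "")))
    ;; Assumption added here: require https, since over plain http
    ;; the domain name says nothing about who sent the file.
    (and (equal (url-type parsed) "https")
         (string-suffix-p ".org" path t)
         (seq-some (lambda (domain)
                     ;; Exact host, or a subdomain on a label boundary.
                     (or (string= host domain)
                         (string-suffix-p (concat "." domain) host)))
                   my-eww-org-allowed-domains)
         t)))

(defun my-eww-org-mode-for (url)
  "Return the major mode function to use for the file at URL."
  (if (my-eww-org-domain-allowed-p url) #'org-mode #'fundamental-mode))

;; Constructed sample URLs: an allowed host, an allowed subdomain,
;; a host that only starts with the allowed name, the allowed name in
;; the userinfo part, and plain http.
(dolist (url '("https://orgmode.org/manual.org"
               "https://docs.orgmode.org/notes.org"
               "https://orgmode.org.example.net/manual.org"
               "https://orgmode.org@example.net/manual.org"
               "http://orgmode.org/manual.org"))
  (message "%-45s -> %s" url (my-eww-org-mode-for url)))
```

The predicate only decides which mode a fetched file would get; hooking it into eww is left out because the message does not specify how that would be done.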
This bug report was last modified 1 year and 259 days ago.