GNU bug report logs - #66245
[PATCH] ; Silence macOS 14 warning

Previous Next

Package: emacs;

Reported by: Eshel Yaron <me <at> eshelyaron.com>

Date: Wed, 27 Sep 2023 19:02:02 UTC

Severity: normal

Tags: patch

Merged with 66269

Found in version 29.1.50

Fixed in version 29.2

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Stefan Kangas <stefankangas <at> gmail.com>
To: Gerd Möllmann <gerd.moellmann <at> gmail.com>
Cc: 66245 <at> debbugs.gnu.org, Alan Third <alan <at> idiocy.org>, Eshel Yaron <me <at> eshelyaron.com>
Subject: bug#66245: [PATCH] ; Silence macOS 14 warning
Date: Fri, 29 Sep 2023 02:38:29 -0700

Gerd Möllmann <gerd.moellmann <at> gmail.com> writes:

>> Without this code, are we enabling malicious processes to escape the
>> macOS sandbox, and gain the same privileges as the Emacs process?
>
> Well, not that drastically...  From the release notes of macOS 12 Appkit
> (we're now at 14).
>
> https://developer.apple.com/documentation/macos-release-notes/appkit-release-notes-for-macos-12?changes=lat__5_3
>
> Restorable State
>
>     To enable secure coding for a restorable state, implement
>     applicationSupportsSecureRestorableState(_:). When opted in:
>
>         The system requires classes passed to restorationClass to
>         explicitly conform to NSWindowRestoration.
>
>         ...
>
> I understand that as meaning that this switches on additional checks in
> Appkit.  That should be okay for Emacs because it doesn't use this
> feature of Appkit, at least AFAIK.

Thanks.  IIUC, that seems to speak in favor of not making an emergency
release of Emacs 29.2 at this point.
This bug report was last modified 1 year and 230 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.