GNU bug report logs - #74879
30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers

Package: emacs;

Reported by: Daniel Mendler <mail <at> daniel-mendler.de>

Date: Sun, 15 Dec 2024 00:40:02 UTC

Severity: normal

Found in version 30.0.92

Message #44 received at 74879 <at> debbugs.gnu.org (full text, mbox):

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Gerd Möllmann <gerd.moellmann <at> gmail.com>
Cc: Daniel Mendler <mail <at> daniel-mendler.de>, 74879 <at> debbugs.gnu.org
Subject: Re: bug#74879: 30.0.92; trusted-content-p and trusted-files cannot
 be used for non-file buffers
Date: Sun, 15 Dec 2024 10:10:05 -0500

> Random thought:
>
> - What if a user pastes text from a untrusted source to a trusted buffer?
>
> - Is taint checking relevant in this context?
>
>     https://en.wikipedia.org/wiki/Taint_checking

I'll just repeat that trust sucks.
It's a last recourse and we should work to implement better solutions.


        Stefan

This bug report was last modified 56 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #74879 30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers

GNU bug report logs - #74879
30.0.92; trusted-content-p and trusted-files cannot be used for non-file buffers