bug#45198: 28.0.50; Sandbox mode

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#45198: 28.0.50; Sandbox mode

From:	Philipp Stephani
Subject:	bug#45198: 28.0.50; Sandbox mode
Date:	Sat, 17 Apr 2021 21:16:59 +0200

Am Sa., 17. Apr. 2021 um 19:22 Uhr schrieb Mattias Engdegård <mattiase@acm.org>:
> > As we gain more experience with these sandboxing mechanisms, we can look at 
> > relaxing these restrictions, but I think initially we should be 
> > conservative.
>
> I take the opposite view, but our goals are the same and we will converge.

As long as they converge before releasing Emacs 28, fine. After that
it will be very difficult to restrict an initially-open interface.

> >> +Already open descriptors can be used freely. */)
> >
> > What does this mean?  Emacs doesn't really expose file descriptors to users.
>
> It sort of does (in the form of processes), but there could also be 
> descriptors not directly exposed. It would be incomplete not to mention the 
> possibility. It looks like the seccomp filter generator uses the same policy, 
> treating descriptors as capabilities.

Yes, but since it's only a command-line flag right now, there
shouldn't be any open file descriptors except the standard ones, so
this specific bit of complexity is avoided.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#45198: 28.0.50; Sandbox mode, (continued)

Prev by Date: bug#1305: All code that currently beeps should use visual bell instead
Next by Date: bug#47588: 28.0.50; C-M-x in emacs-lisp-mode: elisp--eval-defun: Symbol’s function definition is void: nil [3 times]
Previous by thread: bug#45198: 28.0.50; Sandbox mode
Next by thread: bug#45198: 28.0.50; Sandbox mode
Index(es):
- Date
- Thread