[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs Arbitrary Code Execution and How to Avoid It
|
From: |
Steven Allen |
|
Subject: |
Re: Emacs Arbitrary Code Execution and How to Avoid It |
|
Date: |
Wed, 04 Dec 2024 07:04:42 -0800 |
Jean Louis <bugs@gnu.support> writes:
> In every programming language it is possible to obscure the code and execute
> arbitrary code.
>
> I do not see it as special security issue, it is common, known.
>
> --
> Jean Louis
Yes, but opening random text files shouldn't execute arbitrary code. The
concern here is that someone can:
1. Create some "document.txt" file.
2. Start it with ";; -*- mode: emacs-lisp -*-".
3. Include a macro that executes some malicious lisp code.
4. Send it to some unsuspecting victim.
Opening this file will run arbitrary code if flymake is enabled for
emacs-lisp files, even though the file looks like it should be an
innocent ".txt" file.
Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It,
Steven Allen <=
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Christopher Howard, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Richard Stallman, 2024/12/06
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/10
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Eshel Yaron, 2024/12/11
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/11
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/11
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/11
- Re: Emacs Arbitrary Code Execution and How to Avoid It, tomas, 2024/12/11
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/11