[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs Arbitrary Code Execution and How to Avoid It
|
From: |
Richard Stallman |
|
Subject: |
Re: Emacs Arbitrary Code Execution and How to Avoid It |
|
Date: |
Thu, 05 Dec 2024 23:47:01 -0500 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
This sounds like a grave problem, that we had better correct ASAP.
Can we reproduce it? Can we see how it happens that Emacs
evals code that the user did not specifically say to eval?
Users writing Lisp code can cause any sort of vulnerability and it is
no use trying to prevent that. But I think we should make sure that
no use of advertised features will eval code that the user did
specifically say to eval.
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Steven Allen, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Christopher Howard, 2024/12/04
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Richard Stallman, 2024/12/06
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/10
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Eshel Yaron, 2024/12/11