[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs Arbitrary Code Execution and How to Avoid It
|
From: |
Richard Stallman |
|
Subject: |
Re: Emacs Arbitrary Code Execution and How to Avoid It |
|
Date: |
Sun, 08 Dec 2024 00:10:30 -0500 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
Thanks for sending a clear description of what leads up to the
failure.
> Regarding completion in particular: ELisp mode adds a function
> elisp-completion-at-point to completion-at-point-functions, so whatever
> completion mechanism you use that runs completion-at-point-functions may
> call elisp-completion-at-point. Now, when elisp-completion-at-point
> thinks that variable names are appropriate completion candidates at the
> current position, it returns a completion table that, among other things,
> expands macros when the completion mechanism queries it.
However, the crucial poiht seems not to be included.
It appears that something reads and evals macro definitions automatically.
Is that true? If so, what triggers that -- and what fix can prevent it?
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04