Re: Emacs Arbitrary Code Execution and How to Avoid It

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emacs Arbitrary Code Execution and How to Avoid It

From:	tomas
Subject:	Re: Emacs Arbitrary Code Execution and How to Avoid It
Date:	Wed, 11 Dec 2024 11:42:23 +0100

On Wed, Dec 11, 2024 at 01:38:44PM +0300, Jean Louis wrote:
> * Daniel Radetsky <dradetsky@gmail.com> [2024-12-11 12:37]:
> > On Wed, Dec 11, 2024 at 12:25:24PM +0300, Jean Louis wrote:
> > > Send me the working example of dangerous macro, that I can see how it
> > > works, thank you. Make
> > 
> > (rx (eval (call-process "touch" nil nil nil "/tmp/owned")))
> 
> I see it executes and makes the file by opening ex.el with the
> above. It doesn't work with .txt file though.

Believing in "file extensions" is yet another recipe for disaster
(remember those ".jpg.exe"?

Cheers
-- 
t

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Emacs Arbitrary Code Execution and How to Avoid It, (continued)
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04
  - Re: Emacs Arbitrary Code Execution and How to Avoid It, Steven Allen, 2024/12/04
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/04
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Christopher Howard, 2024/12/04
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Richard Stallman, 2024/12/06
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/10
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Eshel Yaron, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, tomas <=
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Daniel Radetsky, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, tomas, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Richard Stallman, 2024/12/11
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Jean Louis, 2024/12/12
- Re: Emacs Arbitrary Code Execution and How to Avoid It, Richard Stallman, 2024/12/05
  - Re: Emacs Arbitrary Code Execution and How to Avoid It, Jim Porter, 2024/12/06
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Eli Zaretskii, 2024/12/06
  - Re: Emacs Arbitrary Code Execution and How to Avoid It, Eli Zaretskii, 2024/12/06
  - Re: Emacs Arbitrary Code Execution and How to Avoid It, Philip Kaludercic, 2024/12/06
    - Re: Emacs Arbitrary Code Execution and How to Avoid It, Richard Stallman, 2024/12/08

Prev by Date: Re: Colorizing source code in Info manuals
Next by Date: PATCH: add support for TCP_NODELAY on network streams
Previous by thread: Re: Emacs Arbitrary Code Execution and How to Avoid It
Next by thread: Re: Emacs Arbitrary Code Execution and How to Avoid It
Index(es):
- Date
- Thread