[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#48676: Arbitrary code execution in Org export macros
|
From: |
Glenn Morris |
|
Subject: |
bug#48676: Arbitrary code execution in Org export macros |
|
Date: |
Wed, 26 May 2021 11:52:04 -0400 |
|
User-agent: |
Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
Package: emacs,org-mode
Version: 28.0.50
Severity: important
Tags: security
emacs -Q hello.org, where hello.org contains:
#+macro: hello (eval (shell-command-to-string "touch /tmp/HELLO"))
Hello. {{{hello}}}
Then:
M-x org-export-dispatch
t A
-> now /tmp/HELLO exist, with no prompting.
This seems contrary to normal Emacs practice for risky local variables,
and to the section "Code Evaluation and Security Issues" in the Org manual
(which does not mention macros).
- bug#48676: Arbitrary code execution in Org export macros,
Glenn Morris <=