bug#37656: 27.0.50; Opening file with specially crafted local variables

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#37656: 27.0.50; Opening file with specially crafted local variables

From:	Stefan Monnier
Subject:	bug#37656: 27.0.50; Opening file with specially crafted local variables can cause arbitrary code execution Inbox x
Date:	Wed, 16 Oct 2019 09:13:43 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

> -*- mode: emacs-lisp; mode: flymake -*-
>
> (eval-when-compile
>   (with-temp-file "~/emacs_flymake_security_bug"
>       (insert "Could have also executed any code.")))

Yes, it's a serious (and, sadly, known) problem.

I think it goes further than just flymake support for Elisp: flymake
support for other major modes may also end up running arbitrary code
(tho it will depend on the specifics).

So, I think flymake should have a list of "safe" places where it can
treat files like it does know, and any file found elsewhere should be
treated with more care either by simply disabling flymake or disabling
some of its backends, or making its backends more careful (e.g. to
compile those files in a mode where `eval-when-compile` is not executed
or is only executed after passing it through a stringent safety test).


        Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

bug#37656: 27.0.50; Arbitrary code execution with special `mode:', (continued)
- bug#37656: 27.0.50; Opening file with specially crafted local variables can cause arbitrary code execution Inbox x, Stefan Monnier <=

Prev by Date: bug#37774: 27.0.50; new :extend attribute broke visuals of all themes and other packages
Next by Date: bug#37774: 27.0.50; new :extend attribute broke visuals of all themes and other packages
Previous by thread: bug#37656: 27.0.50; Arbitrary code execution with special `mode:'
Next by thread: bug#37659: rx additions: anychar, unmatchable, unordered-or
Index(es):
- Date
- Thread