Re: emacs-dynamic-module in Emacs Git?

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: emacs-dynamic-module in Emacs Git?

From:	David Kastrup
Subject:	Re: emacs-dynamic-module in Emacs Git?
Date:	Wed, 03 Dec 2014 11:55:16 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux)

Stephen Leake <address@hidden> writes:

> Eli Zaretskii <address@hidden> writes:
>
>>> From: Stephen Leake <address@hidden>
>>> Date: Mon, 01 Dec 2014 16:58:21 -0600
>>> 
>>> Eli Zaretskii <address@hidden> writes:
>>> 
>>> >
>>> >> >   . It seems to me that the modules call functions implemented by
>>> >> >     Emacs, like make_number and Fmember, on the assumption that
>>> >> >     calling any Emacs function will "just work".  This is false for
>>> >> 
>>> >> I had to add a linker flag to expose every symbol of Emacs. See the
>>> >> relevant commit:
>>> >> 
>>> >> http://git.savannah.gnu.org/cgit/emacs.git/commit/configure.ac?h=dynamic-modules&id=5c710fba15e0a3a2ae5d831e5cdb555332238752
>>> >
>>> > I don't think this is correct: we don't really want to export all the
>>> > symbols.
>>> 
>>> Why not?
>>
>> Security: you don't want to expose all of the Emacs bowels to any
>> external program out there.
>
> There are many other aspects to security; I doubt this particular
> strategy will really help.
>
> There are better ways to prevent bad code getting into Emacs; code
> reviewed signed modules is probably the best way.

That does not help against things like buffer overrun exploits, and when
some malicious code has all the symbols available, it can be made to
work on a larger variety of binaries.

-- 
David Kastrup

[Prev in Thread]

Current Thread

[Next in Thread]

Re: emacs-dynamic-module in Emacs Git?, (continued)

Prev by Date: Re: emacs-dynamic-module in Emacs Git?
Next by Date: Re: Bidirectional text and URLs
Previous by thread: Re: emacs-dynamic-module in Emacs Git?
Next by thread: Re: emacs-dynamic-module in Emacs Git?
Index(es):
- Date
- Thread