[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#45198: 28.0.50; Sandbox mode
|
From: |
Stefan Monnier |
|
Subject: |
bug#45198: 28.0.50; Sandbox mode |
|
Date: |
Sun, 18 Apr 2021 10:25:47 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) |
>> The whole point of the sandboxing exercise is so as to be able to have
>> flymake-mode in the hook without exposing yourself to
>> these vulnerabilities.
>
> So we are going to introduce all this non-trivial machinery into Emacs
> just to solve the Flymake use case? Is that reasonable from the
> project management POV, in your eyes?
To the extent that this machinery will only be used by those rare places
that need it (e.g. flymake), yes, as long as the low-level interface
(e.g. the code that added the support for the `--seccomp` argument) is
simple enough.
BTW, in the context of GNU/Linux, an alternative to `--seccomp` is to
require the `bwrap` tool (that's what I use in the `elpa-admin.el`
scripts to run makefile rules from ELPA packages).
Stefan
- bug#45198: 28.0.50; Sandbox mode, (continued)
- bug#45198: 28.0.50; Sandbox mode, Stefan Monnier, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Eli Zaretskii, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Stefan Monnier, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Eli Zaretskii, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Stefan Monnier, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Eli Zaretskii, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Stefan Monnier, 2021/04/17
- bug#45198: 28.0.50; Sandbox mode, Eli Zaretskii, 2021/04/18
- bug#45198: 28.0.50; Sandbox mode,
Stefan Monnier <=