Re: 2023-02-27 Emacs news

emacs-tangents

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2023-02-27 Emacs news

From:	Dmitry Gutov
Subject:	Re: 2023-02-27 Emacs news
Date:	Tue, 28 Feb 2023 20:08:39 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.7.1

On 28/02/2023 16:05, Yuri Khan wrote:

If you open a malicious source file in an editor, you don’t expect it
to execute any code written within, surely not before you press the
Run key. If opening a file for editing trashes your home directory,
it’s a bug and a vulnerability. If opening a file for editing causes
personal information to be sent outside, it’s a bug and a
vulnerability.


Neither of that happened with the linked "vulnerability", though.

It only worked if you pressed "C-c C-f" on a line that containedsomething like


require '; rm -rf ~'

[Prev in Thread]

Current Thread

[Next in Thread]

2023-02-27 Emacs news, Sacha Chua, 2023/02/27
- Re: 2023-02-27 Emacs news, Emanuel Berg, 2023/02/27
  - Re: 2023-02-27 Emacs news, Jean Louis, 2023/02/28
    - Re: 2023-02-27 Emacs news, Yuri Khan, 2023/02/28
    - Re: 2023-02-27 Emacs news, Dmitry Gutov <=
    - Re: 2023-02-27 Emacs news, Yuri Khan, 2023/02/28
    - Re: 2023-02-27 Emacs news, Dmitry Gutov, 2023/02/28

Prev by Date: Re: 2023-02-27 Emacs news
Next by Date: Re: 2023-02-27 Emacs news
Previous by thread: Re: 2023-02-27 Emacs news
Next by thread: Re: 2023-02-27 Emacs news
Index(es):
- Date
- Thread