RE: CVE-2017-14482 - Red Hat Customer Portal

help-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CVE-2017-14482 - Red Hat Customer Portal

From:	Ludwig, Mark
Subject:	RE: CVE-2017-14482 - Red Hat Customer Portal
Date:	Tue, 26 Sep 2017 19:00:02 +0000

> From: Philipp Stephani, Tuesday, September 26, 2017 12:46 PM
>
> Viewing an HTML document will never run arbitrary code, let alone delete the 
> user's home directory. 
> Unlike Emacs, browsers have pretty good sandboxes.

"Never run arbitrary code" + "pretty good sandboxes"?

Maybe they do /now/.  Do we have to review the history?
How sure are you that the sandboxing works when you 
directly invoke the browser and feed it a local HTML file 
on the command line?

By all means, help make Emacs better.  
Give it digital certificate technology and a sandbox, if you like.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: CVE-2017-14482 - Red Hat Customer Portal, (continued)

Prev by Date: Re: CVE-2017-14482 - Red Hat Customer Portal
Next by Date: Re: Modify text appearance (put spaces after commas just for display)
Previous by thread: Re: CVE-2017-14482 - Red Hat Customer Portal
Next by thread: Re: CVE-2017-14482 - Red Hat Customer Portal
Index(es):
- Date
- Thread