From: Suhail Singh <suhailsingh247@gmail.com>
To: Steven Allen <steven@stebalien.com>
Cc: Suhail Singh <suhailsingh247@gmail.com>,
Ihor Radchenko <yantar92@posteo.net>,
emacs-orgmode@gnu.org, Bastien <bzg@gnu.org>
Subject: Re: [POLL] We plan to remove #+LINK: ...%(my-function) placeholder from link abbreviation spec
Date: Fri, 28 Jun 2024 12:45:30 -0400 [thread overview]
Message-ID: <874j9d3tjp.fsf@gmail.com> (raw)
In-Reply-To: <87pls1ox7v.fsf@stebalien.com> (Steven Allen's message of "Fri, 28 Jun 2024 09:20:36 -0700")
Steven Allen <steven@stebalien.com> writes:
> 1. While this feature no longer invokes completely arbitrary code, it
> still allows an attacker to call any function marked as "pure" which
> is a pretty large attack surface.
I am struggling to assess this, because it's not clear to me what the
threat model is. Could you please elaborate? How are the attacker and
potential victim interacting; what is the attack vector(s); who are the
threat agents and what is their goal that we are trying to guard
against, etc?
> You can, of course, write that function; but then you might as well
> use org-link-abbrev-alist instead of defining a local #+LINK.
Perhaps I misunderstood, I thought the thing being polled was whether or
not to allow org-link-abbrev-alist to have REPLACE (per its docstring)
be a function. I.e., if %(my-function) is removed, so too would the
ability to have a function in the REPLACE position in
org-link-abbrev-alist. Did I misunderstand?
--
Suhail
next prev parent reply other threads:[~2024-06-28 16:46 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-22 16:10 [ANN] Emergency bugfix release: Org mode 9.7.5 Ihor Radchenko
2024-06-22 17:49 ` Ihor Radchenko
2024-06-22 23:55 ` Greg Troxel
2024-06-23 1:58 ` Steven Allen
2024-06-22 17:59 ` emacs-orgmode
2024-06-22 19:15 ` Ihor Radchenko
2024-06-24 9:09 ` Assigned: CVE-2024-39331 (was: [ANN] Emergency bugfix release: Org mode 9.7.5) Ihor Radchenko
2024-06-24 8:08 ` [ANN] Emergency bugfix release: Org mode 9.7.5 Bastien Guerry
2024-06-28 15:09 ` [POLL] We plan to remove #+LINK: ...%(my-function) placeholder from link abbreviation spec (was: [ANN] Emergency bugfix release: Org mode 9.7.5) Ihor Radchenko
2024-06-28 15:51 ` [POLL] We plan to remove #+LINK: ...%(my-function) placeholder from link abbreviation spec Suhail Singh
2024-06-28 16:20 ` Steven Allen
2024-06-28 16:45 ` Suhail Singh [this message]
2024-06-28 16:55 ` Ihor Radchenko
2024-06-28 17:34 ` Suhail Singh
2024-06-28 17:01 ` Steven Allen
2024-06-28 17:55 ` Suhail Singh
2024-06-28 18:16 ` Steven Allen
2024-06-28 15:23 ` [POLL] Bug of Feature? Attack vector via deceiving link abbrevs (was: [ANN] Emergency bugfix release: Org mode 9.7.5) Ihor Radchenko
2024-06-28 15:52 ` Steven Allen
2024-06-28 15:54 ` [POLL] Bug of Feature? Attack vector via deceiving link abbrevs Suhail Singh
2024-07-29 18:42 ` [POLL] Bug of Feature? Attack vector via deceiving link abbrevs (was: [ANN] Emergency bugfix release: Org mode 9.7.5) Ihor Radchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.orgmode.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874j9d3tjp.fsf@gmail.com \
--to=suhailsingh247@gmail.com \
--cc=bzg@gnu.org \
--cc=emacs-orgmode@gnu.org \
--cc=steven@stebalien.com \
--cc=yantar92@posteo.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).