From: Max Nikulin <manikulin@gmail.com>
To: Stefan Kangas <stefankangas@gmail.com>,
	58774@debbugs.gnu.org, emacs-orgmode@gnu.org
Subject: Re: bug#58774: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly
Date: Thu, 27 Oct 2022 00:07:28 +0700	[thread overview]
Message-ID: <e7dd50d4-bc87-0908-0130-f1af5bc993b6@gmail.com> (raw)
In-Reply-To: <Y1jt9vLO7yb597zj@protected.localdomain>

On 26/10/2022 15:21, Jean Louis wrote:
> 
> (defun browse-safe-url (url &optional arg)
----------------^^^^

>    "Browse URL with b"
>    (let ((username "joedoe")) ;; different username than my own
>      ;; Insecurity settings for personal DISPLAY only
>      (shell-command "xhost +")
>      ;; Browse URL with different username
>      (async-start-process "sudo" "sudo" nil "su" "-c" "--" username "-c"
> 			 (format "exec iceweasel \"%s\"" url))))
-------------------------------------------------^^^^^^

Do not name "safe" a function having security vulnerabilities. Leaving 
aside XAuth issues, it allows arbitrary command execution if the URL for 
some reason is not properly percent-encoded.

Do you think your reasoning related to security is still convincing?

If you had just requested a mapping of Content-Type to some mode in eww, 
perhaps it would pass. You demanded Org mode configured by default. Org 
has enough means to execute arbitrary code with minimal effort from the 
user's side. E.g. the value of a table cell may be recalculated.

Org files originating from non-trusted sources must be carefully 
evaluated before opening them in Emacs.

Sometimes Org developers and maintainers do not have enough resources to 
react to security-related reports. An issue not so dangerous in the 
current state becomes really weird if Org mode becomes a default handler 
for files fetched from the net.

You may fight for your right to freely shoot your legs but you must be 
careful enough to not injure people around. The reputation of Emacs may be 
significantly affected by the requested change.

I am strongly against Org mode as a default handler for files downloaded 
from web sites. The Eww user option, if implemented, should have a prominent 
warning that a particular mode may not be ready for such usage and each 
case should be carefully evaluated for security issues.
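As an added illustration (not code from this thread or from Org), the checks below make the command-execution point concrete: a URL that is entirely valid under RFC 3986 may still contain `$`, which a shell expands inside double quotes, so the only robust fix is to hand the URL over as a single argv element and never build a shell string. The function names and the `sudo -u` argv form are assumptions made for the example.

```python
import re
import shlex

# RFC 3986 characters: unreserved, gen-delims, sub-delims, plus %XX escapes.
# Note that '$', '&', ';', "'", '(' and ')' are all legal URL characters.
_URL_CHARS = re.compile(
    r"^(?:[A-Za-z0-9\-._~:/?#\[\]@!$&'()*+,;=]|%[0-9A-Fa-f]{2})*$")

# Characters that a POSIX shell still interprets inside "double quotes".
_DQUOTE_ACTIVE = set('$`"\\\n')


def is_well_formed_url(url):
    """True if URL contains only characters RFC 3986 allows (percent-encoded)."""
    return bool(url) and _URL_CHARS.match(url) is not None


def shell_active_chars(url):
    """Characters of URL that a shell would interpret inside "...", in order."""
    return "".join(ch for ch in url if ch in _DQUOTE_ACTIVE)


def build_shell_string(url):
    """The pattern quoted in the thread: URL interpolated into a shell string.
    Whatever shell_active_chars(url) returns is parsed by the shell here."""
    return 'exec iceweasel "%s"' % url


def build_quoted_shell_string(url):
    """Same shell string with the URL single-quoted by shlex.quote. Expansion
    is blocked, but `su -c` still hands the whole string to a shell."""
    return "exec iceweasel %s" % shlex.quote(url)


def build_argv(username, url):
    """Assumed hardened form: run the browser as USERNAME with the URL as one
    argv element, so no shell ever parses it."""
    if not is_well_formed_url(url):
        raise ValueError("refusing URL with characters outside RFC 3986")
    return ["sudo", "-u", username, "--", "iceweasel", url]


if __name__ == "__main__":
    url = "https://example.com/?q=$HOME"   # constructed sample: well-formed, yet shell-active
    print(is_well_formed_url(url), shell_active_chars(url))
    print(build_shell_string(url))
    print(build_argv("joedoe", url))
```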

