From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Alan Third Newsgroups: gmane.emacs.bugs Subject: bug#45198: 28.0.50; Sandbox mode Date: Wed, 30 Dec 2020 15:36:33 +0000 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="26823"; mail-complaints-to="usenet@ciao.gmane.io" Cc: 45198@debbugs.gnu.org, Bastien , Philipp Stephani , Stefan Kangas , =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= , Stefan Monnier To: Mattias =?UTF-8?Q?Engdeg=C3=A5rd?= Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Wed Dec 30 16:37:12 2020 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kudXE-0006uj-4E for geb-bug-gnu-emacs@m.gmane-mx.org; Wed, 30 Dec 2020 16:37:12 +0100 Original-Received: from localhost ([::1]:38256 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kudXD-0008K1-5m for geb-bug-gnu-emacs@m.gmane-mx.org; Wed, 30 Dec 2020 10:37:11 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:50660) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kudX5-0008Jt-Na for bug-gnu-emacs@gnu.org; Wed, 30 Dec 2020 10:37:03 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]:39175) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kudX4-0001dQ-Cw for bug-gnu-emacs@gnu.org; Wed, 30 Dec 2020 10:37:03 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kudX4-0006fi-Aj for bug-gnu-emacs@gnu.org; Wed, 30 Dec 2020 10:37:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Alan Third Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 30 Dec 2020 15:37:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 45198 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 45198-submit@debbugs.gnu.org id=B45198.160934260625598 (code B ref 45198); Wed, 30 Dec 2020 15:37:02 +0000 Original-Received: (at 45198) by debbugs.gnu.org; 30 Dec 2020 15:36:46 +0000 Original-Received: from localhost ([127.0.0.1]:50717 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kudWo-0006en-Fj for submit@debbugs.gnu.org; Wed, 30 Dec 2020 10:36:46 -0500 Original-Received: from outbound.soverin.net ([116.202.65.218]:36505) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kudWm-0006eV-Lr for 45198@debbugs.gnu.org; Wed, 30 Dec 2020 10:36:45 -0500 Original-Received: from smtp.soverin.net (unknown [10.10.3.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id 5CF476008F; Wed, 30 Dec 2020 15:36:38 +0000 (UTC) Original-Received: from smtp.soverin.net (smtp.soverin.net [159.69.232.142]) by soverin.net DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=idiocy.org; s=soverin; t=1609342597; bh=iZILMyrvBuuYXvd+s9VRav7wlKwDGTrXRS94DP+a4tY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=HQGSelwE2etuha3fZtpCJoE5VubFpF882y3nCoxvw4bRW4UAbRNmrqP7FK5cCMsyD V8A0RkzZjcUxzOQOcntZwjKQFJ/mgORW8vDhsksmOeXAu7Ng9t0ySnuzgL6D99UvNE VDYZnB5gyiNPTUdSRvtYsPp4KIjCe0Bj8UcIH7ni7sLmicSSDfp6x6FnyO/LKe8bp/ XeG479IzP1jPfjNHQijbfY1hPsSVGZ0ccR+Lmamake2gFJJ+2OQkM8B5Olt4BPFMN4 pLeThZQYgqG9GydAfrUwky1/Xl/oBgCVkmJ2t80GGhZSKr/iejVjWMdI60PQIWO1qf az4MlOC96BbOg== Original-Received: by breton.holly.idiocy.org (Postfix, from userid 501) id 8EAF920295BE6B; Wed, 30 Dec 2020 15:36:33 +0000 (GMT) Mail-Followup-To: Alan Third , Mattias =?UTF-8?Q?Engdeg=C3=A5rd?= , 45198@debbugs.gnu.org, Stefan Kangas , Bastien , Stefan Monnier , =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= , Philipp Stephani Content-Disposition: inline In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:197036 Archived-At: On Wed, Dec 30, 2020 at 03:59:19PM +0100, Mattias Engdegård wrote: > Here is a bare-bones macOS sandbox implementation. In practice, it > would probably be called in an --eval argument to guard anything > executed later. It should be sufficient for the typical untrusted > flymake checker running in an Emacs subprocess and printing to > stdout/stderr. It may make more sense to use darwin instead of macos in the name, unless it is actually specific to macOS. I believe OpenDarwin is still a thing. -- Alan Third