From: Alan Third <alan@idiocy.org>
To: Eshel Yaron <me@eshelyaron.com>
Cc: 66245@debbugs.gnu.org
Subject: bug#66245: [PATCH] ; Silence macOS 14 warning
Date: Thu, 28 Sep 2023 11:35:29 +0100 [thread overview]
Message-ID: <ZRVW8SV8r5MbT35C@idiocy.org> (raw)
In-Reply-To: <m1cyy38mqq.fsf@eshelyaron.com>
On Wed, Sep 27, 2023 at 09:00:45PM +0200, Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors wrote:
> Tags: patch
>
> Hi,
>
> After updating to macOS 14 (and rebuilding Emacs), I see the following
> warning whenever I start Emacs:
>
> WARNING: Secure coding is not enabled for restorable state! Enable secure coding by implementing NSApplicationDelegate.applicationSupportsSecureRestorableState: and returning YES.
>
> This patch does exactly what the warning suggests, and it silences the
> warning.
>
> TBH I'm not entirely sure I understand the implications of implementing
> `applicationSupportsSecureRestorableState`. IIUC it makes Emacs opt-in
> to the "secure state restoration" mechanism in contrast to a former
> (supposedly less secure) mechanism, but AFAICT Emacs doesn't opt-in to
> state restoration in the NS port in the first place...
A description of what this fixes is here:
https://sector7.computest.nl/post/2022-08-process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability/
I'm not sure if making this change will affect us, as I don't think we
support saved states, although I could be wrong.
Is it possible for you to try a before and after test of how Emacs
handles saving the state over a reboot? That is, have a running Emacs
with open files and reboot, tick the "reopen windows when logging back
in" option, and see if it behaves differently with this patch applied
and not applied?
If it doesn't then I think this is probably safe and won't affect us,
so we should apply it. Otherwise we'll need to examine what's changed
and see if we can work around it.
Thanks!
--
Alan Third
next prev parent reply other threads:[~2023-09-28 10:35 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-27 19:00 bug#66245: [PATCH] ; Silence macOS 14 warning Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-09-28 10:35 ` Alan Third [this message]
2023-09-28 13:46 ` Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-09-28 21:47 ` Alan Third
2023-09-28 22:16 ` Stefan Kangas
2023-09-28 22:37 ` Alan Third
2023-09-29 1:38 ` Yuan Fu
2023-09-29 9:34 ` Stefan Kangas
2023-09-29 15:10 ` Eli Zaretskii
2023-09-29 9:21 ` Gerd Möllmann
2023-09-29 9:38 ` Stefan Kangas
2023-09-29 10:11 ` Gerd Möllmann
2023-09-29 15:36 ` Alan Third
2023-09-29 14:55 ` Eli Zaretskii
2023-09-29 11:35 ` Stefan Kangas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZRVW8SV8r5MbT35C@idiocy.org \
--to=alan@idiocy.org \
--cc=66245@debbugs.gnu.org \
--cc=me@eshelyaron.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).