From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Alan Third Newsgroups: gmane.emacs.bugs Subject: bug#66245: [PATCH] ; Silence macOS 14 warning Date: Thu, 28 Sep 2023 22:47:34 +0100 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="28575"; mail-complaints-to="usenet@ciao.gmane.io" Cc: 66245@debbugs.gnu.org To: Eshel Yaron Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Sep 28 23:48:02 2023 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qlyra-00079x-HF for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 28 Sep 2023 23:48:02 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qlyrO-0004Hx-AG; Thu, 28 Sep 2023 17:47:50 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qlyrM-0004Hj-DV for bug-gnu-emacs@gnu.org; Thu, 28 Sep 2023 17:47:48 -0400 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qlyrM-0000cI-5a for bug-gnu-emacs@gnu.org; Thu, 28 Sep 2023 17:47:48 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qlyra-00012q-0V for bug-gnu-emacs@gnu.org; Thu, 28 Sep 2023 17:48:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Alan Third Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 28 Sep 2023 21:48:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 66245 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 66245-submit@debbugs.gnu.org id=B66245.16959376804002 (code B ref 66245); Thu, 28 Sep 2023 21:48:01 +0000 Original-Received: (at 66245) by debbugs.gnu.org; 28 Sep 2023 21:48:00 +0000 Original-Received: from localhost ([127.0.0.1]:54653 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qlyrX-00012R-RG for submit@debbugs.gnu.org; Thu, 28 Sep 2023 17:48:00 -0400 Original-Received: from dane.soverin.net ([185.233.34.149]:36929) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qlyrV-00011N-CC for 66245@debbugs.gnu.org; Thu, 28 Sep 2023 17:47:58 -0400 Original-Received: from smtp.soverin.net (c04smtp-lb01.int.sover.in [10.10.4.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by dane.soverin.net (Postfix) with ESMTPS id 4RxRsh0crQzyS5; Thu, 28 Sep 2023 21:47:36 +0000 (UTC) Original-Received: from smtp.soverin.net (smtp.soverin.net [10.10.4.99]) by soverin.net (Postfix) with ESMTPSA id 4RxRsg26SZzLn; Thu, 28 Sep 2023 21:47:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=idiocy.org; s=soverin; t=1695937655; bh=IvkBIrXjlsJBxUFzvHf9x+Hut7scwEJQkiOQxk7A6P8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=XzS57KVVFqRomFiavvKDHTjhHCG+S4jI3NEqhe2HUKCRKvRwpS+Tpcv7r8c+UGO49 hzOSOT0RrPTuJVmWcSUYlpJS0LzjBGcWIOTE01zrMl80dTZlLp2VTq0DI3/+fHpDAU OfwzCHV7q/7W2EJCCpWt7grGsiXYAdDO6G32YCHyLCC/YFYNgzoA0URnmk+2PCaXON +0KVZYHEfCyDC795nzlwc6ILYBZdQj2GNMfzLtPVSnh1qhtogov9731fxJxGvfEAE0 Qu7Rr1Qn5741LwBqlQ2QhH+2M/VWaLbiCudASuDB33XeiY6Gjf0+TodtHE+Bc07GhW 80E+wefHmPs5Q== Original-Received: from alan by faroe.holly.idiocy.org with local (Exim 4.96) (envelope-from ) id 1qlyr8-000PJn-1H; Thu, 28 Sep 2023 22:47:34 +0100 X-Soverin-Authenticated: true Mail-Followup-To: Alan Third , Eshel Yaron , 66245@debbugs.gnu.org Content-Disposition: inline In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:271453 Archived-At: On Thu, Sep 28, 2023 at 03:46:36PM +0200, Eshel Yaron wrote: > > Is it possible for you to try a before and after test of how Emacs > > handles saving the state over a reboot? That is, have a running Emacs > > with open files and reboot, tick the "reopen windows when logging back > > in" option, and see if it behaves differently with this patch applied > > and not applied? > > I tried that now, and I couldn't see any difference. With and without > my patch, Emacs starts after reboot and shows the usual *scratch* > buffer, with no sign of the buffers/files that I had open before > rebooting. (That could have been nice though!) Thank you for testing that. I think this should go into emacs-29, but it's unclear to me what the (security) implications are. This change is required to fix CVE-2021-30873, which is rated "high", however it's over a year old at this point, and given that Apple are requiring us to explicitly set this in our code rather than forcing it on us, does that mean they don't consider it that big of a deal? Eli, Stefan, any thoughts? Does this look bad enough to force a new Emacs 29 release? The link with the in-depth explanation again: https://sector7.computest.nl/post/2022-08-process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability/ CVE info: https://nvd.nist.gov/vuln/detail/CVE-2021-30873 -- Alan Third