From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Eli Zaretskii <eliz@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions
 of glibc (Bug#51073)
Date: Wed, 26 Jan 2022 05:24:41 +0200
Message-ID: <831r0vi3gm.fsf@gnu.org>
References: <164286838577.8429.4021499312049157333@vcs2.savannah.gnu.org>
 <20220122161946.44098C0DA30@vcs2.savannah.gnu.org> <877daqq9kp.fsf@yahoo.com>
 <CAArVCkREY-R0E16fi4DCs8oSTsdeKL0BChpcgdOcW9k+vfaV_Q@mail.gmail.com>
 <E1nCDFT-00037l-WA@fencepost.gnu.org> <83tudshvb1.fsf@gnu.org>
 <3915003C-0382-4F0A-9789-7072660BE158@gmail.com>
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="39596"; mail-complaints-to="usenet@ciao.gmane.io"
Cc: luangruo@yahoo.com, phst@google.com, rms@gnu.org, emacs-devel@gnu.org
To: Philipp Stephani <p.stephani2@gmail.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Wed Jan 26 04:27:39 2022
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1nCYyB-000ABF-10
	for ged-emacs-devel@m.gmane-mx.org; Wed, 26 Jan 2022 04:27:39 +0100
Original-Received: from localhost ([::1]:46154 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1nCYy9-0005xP-Gk
	for ged-emacs-devel@m.gmane-mx.org; Tue, 25 Jan 2022 22:27:37 -0500
Original-Received: from eggs.gnu.org ([209.51.188.92]:35112)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <eliz@gnu.org>) id 1nCYvY-0004ln-96
 for emacs-devel@gnu.org; Tue, 25 Jan 2022 22:24:56 -0500
Original-Received: from [2001:470:142:3::e] (port=52078 helo=fencepost.gnu.org)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <eliz@gnu.org>)
 id 1nCYvX-0008W8-RQ; Tue, 25 Jan 2022 22:24:55 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date:
 mime-version; bh=ErnC0XRgLM1XtDpaLd+42JwqGVRRl4ckKwL8yM8Hloc=; b=I+2PpBHAMyFD
 96BOY+/Lkfpxlp0gt6V5MQJimMHnZocGpwFrlF2V7mQImi6RPP9JQbN7ljYiybXAVjX+fxpxTmDeZ
 wYWNz5yFWlbmA/krdG/SuJk/RWL7zvB8bWcGbWmuiH7JYq0338I85abHiHFBuvk93Rq3UQ2kGa2ps
 UkVBk74L+oV9QNJItmH2dIMp67oF56tSLkHClHTSoCp6rYoUWvFETjlSWo2J+tlUlTmN4LNSYlX0n
 +PK1bcYdZMJWPn5lXPn1Q2CMWkiJsupM28j9u2V8U9j9wXBvoEZt04FoguKyXwZS4+FnrpJKBL1yS
 oQPxwr7UnKANL5qOZfIwyQ==;
Original-Received: from [87.69.77.57] (port=4211 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <eliz@gnu.org>)
 id 1nCYvR-0007Io-Jg; Tue, 25 Jan 2022 22:24:49 -0500
In-Reply-To: <3915003C-0382-4F0A-9789-7072660BE158@gmail.com> (message from
 Philipp Stephani on Tue, 25 Jan 2022 21:13:38 +0100)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:285410
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/285410>

> From: Philipp Stephani <p.stephani2@gmail.com>
> Date: Tue, 25 Jan 2022 21:13:38 +0100
> Cc: rms@gnu.org,
>  Po Lu <luangruo@yahoo.com>,
>  Philipp Stephani <phst@google.com>,
>  emacs-devel@gnu.org
> 
> 
> 
> > Am 25.01.2022 um 13:08 schrieb Eli Zaretskii <eliz@gnu.org>:
> > 
> >> From: Richard Stallman <rms@gnu.org>
> >> Date: Mon, 24 Jan 2022 23:16:03 -0500
> >> Cc: luangruo@yahoo.com, phst@google.com, emacs-devel@gnu.org
> >> 
> >>> That can happen any day, if glibc folks make some change we didn't
> >>> know about.  We cannot chase glibc development forever, we will never
> >>> succeed catching up with them, certainly not in the long run.
> >> 
> >> It's true that problems like this can happen any day.  Not just with
> >> Glibc but with lots of libraries that Emacs uses.  But that has been
> >> the case for many years.  Are things getting worse in some way?
> > 
> > If frequent changes to glibc cause Emacs to crash, that is bad.
> 
> These "crashes" are the whole point and purpose of seccomp filters.  If an Emacs process is sandboxed using a syscall filter, any unknown syscall has to exit the process ("crash"), otherwise the sandbox would be insecure.

The important point is that it makes Emacs unusable in this mode.
Perhaps security-wise this is what you want, but I very much doubt
that users will be pleased.