From: Adam Porter <adam@alphapapa.net>
To: emacs-devel@gnu.org
Subject: Re: [ELPA/elpa-admin] Render README.org as ASCII with ox-ascii
Date: Sun, 29 Aug 2021 19:01:25 -0500 [thread overview]
Message-ID: <878s0jztpm.fsf@alphapapa.net> (raw)
In-Reply-To: 0d8b81d8-e923-dc17-e815-3b1082a20a12@gmail.com
Clément Pit-Claudel <cpitclaudel@gmail.com> writes:
> On 8/29/21 6:52 PM, Adam Porter wrote:
>> Hi Stefan, et al,
>>
>> Having added taxy.el to ELPA, I noticed that its README.org file isn't
>> very readable on the ELPA site, because it's rendered as a raw file,
>> including long lines that extend beyond the edge of the HTML PRE block,
>> raw Org-syntax, etc.
>>
>> Thankfully, Org has an ASCII/UTF-8 export backend that cleanly renders
>> Org to plain text. It only took a few lines of to make use of it.
>> Please see the attached patches. (While I was at it, I took the liberty
>> of adding a couple of docstrings and renaming a few variables to help me
>> understand the code.)
>
> How much does security matter in this case? AFAIR exporting an Org
> file can run arbitrary code; would this patch allow a package in ELPA
> to subvert the build process of another package?
>
> And if so, is that a problem, or is there sufficient scrutiny of the
> inputs to ELPA? IIRC any package author can push to ELPA and updates
> will propagate immediately, so the worry would be that in the time
> between the introduction of a worm and its detection a large number of
> end users might install bad code.
Hi Clément,
Yes, that's a good question. I don't know if I can fully answer it,
myself.
I would guess that those who have commit access to ELPA are considered
trusted, and regardless of potentially using Org Export while building
packages, those committers could already add malicious code that could
end up being distributed to users until someone noticed and reverted the
changes.
Also, AFAIU, ELPA already runs Makefiles for packages as part of the
build process, and those can run arbitrary code, which I guess could do
things like modify other packages, modify the build process or scripts,
or anything else that the user account the build process runs as could
do on the server.
So, based on my understanding, this change wouldn't make the build
process less secure, per se. One might say that it could offer a new
way in which to obfuscate or hide malicious code, but I'd guess that,
since we already seem to trust the people who can commit to ELPA now,
this wouldn't change the status quo.
Please let me know if I'm missing something. :) Thanks.
next prev parent reply other threads:[~2021-08-30 0:01 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-29 22:52 [ELPA/elpa-admin] Render README.org as ASCII with ox-ascii Adam Porter
2021-08-29 23:28 ` Adam Porter
2021-08-29 23:38 ` Clément Pit-Claudel
2021-08-30 0:01 ` Adam Porter [this message]
2021-08-30 1:49 ` Clément Pit-Claudel
2021-08-30 2:15 ` Adam Porter
2021-08-30 0:48 ` Stefan Monnier
2021-08-30 1:29 ` Adam Porter
2021-08-30 2:13 ` [ELPA/elpa-admin] Render README.org as HTML with ox-html Adam Porter
2021-09-03 2:01 ` Adam Porter
2021-09-07 3:31 ` Stefan Monnier
2021-09-07 8:12 ` Philip Kaludercic
2021-09-07 10:26 ` Adam Porter
2021-09-10 20:58 ` Stefan Monnier
2021-09-12 13:03 ` Adam Porter
2021-09-20 4:29 ` Stefan Monnier
2021-09-20 6:41 ` Stefan Kangas
2021-09-20 13:40 ` Basil L. Contovounesios
2021-09-20 19:57 ` Adam Porter
2021-09-20 23:26 ` Adam Porter
2021-10-09 15:08 ` Stefan Monnier
2021-10-09 16:39 ` Eric Abrahamsen
2021-10-10 3:37 ` Stefan Monnier
2021-10-10 3:54 ` Corwin Brust
2021-10-10 13:27 ` Stefan Monnier
2021-10-10 4:32 ` Eric Abrahamsen
2021-10-10 14:50 ` Adam Porter
2021-10-10 15:30 ` Stefan Monnier
2021-08-30 17:49 ` [ELPA/elpa-admin] Render README.org as ASCII with ox-ascii Philip Kaludercic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=878s0jztpm.fsf@alphapapa.net \
--to=adam@alphapapa.net \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).