From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: "Herring, Davis" <herring@lanl.gov>
Newsgroups: gmane.emacs.devel
Subject: RE: Security flaw in enable-local-eval; new release plan
Date: Mon, 13 Aug 2012 12:45:33 +0000
Message-ID: <B393F5AD12955C48A84FFB08032CD04F0970CFEC@ECS-EXG-P-MB01.win.lanl.gov>
References: <87obmfsczi.fsf@gnu.org>,<87r4rbjo86.fsf@zigzag.favinet>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
X-Trace: dough.gmane.org 1344861953 24591 80.91.229.3 (13 Aug 2012 12:45:53 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Mon, 13 Aug 2012 12:45:53 +0000 (UTC)
Cc: "emacs-devel@gnu.org" <emacs-devel@gnu.org>
To: Thien-Thi Nguyen <ttn@gnuvola.org>, Chong Yidong <cyd@gnu.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Aug 13 14:45:54 2012
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1T0u1n-0001Is-U5
	for ged-emacs-devel@m.gmane.org; Mon, 13 Aug 2012 14:45:52 +0200
Original-Received: from localhost ([::1]:33474 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1T0u1n-0003Wh-3U
	for ged-emacs-devel@m.gmane.org; Mon, 13 Aug 2012 08:45:51 -0400
Original-Received: from eggs.gnu.org ([208.118.235.92]:53371)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <herring@lanl.gov>) id 1T0u1c-0003WL-LF
	for emacs-devel@gnu.org; Mon, 13 Aug 2012 08:45:49 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <herring@lanl.gov>) id 1T0u1X-0001uW-Ve
	for emacs-devel@gnu.org; Mon, 13 Aug 2012 08:45:40 -0400
Original-Received: from proofpoint4.lanl.gov ([204.121.3.52]:38516)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <herring@lanl.gov>)
	id 1T0u1X-0001tn-MX; Mon, 13 Aug 2012 08:45:35 -0400
Original-Received: from mailrelay1.lanl.gov (mailrelay1.lanl.gov [128.165.4.101])
	by proofpoint4.lanl.gov (8.14.4/8.14.4) with ESMTP id q7DCjXXe019661;
	Mon, 13 Aug 2012 06:45:33 -0600
Original-Received: from localhost (localhost.localdomain [127.0.0.1])
	by mailrelay1.lanl.gov (Postfix) with ESMTP id B9D4FE4091E;
	Mon, 13 Aug 2012 06:45:33 -0600 (MDT)
X-NIE-2-Virus-Scanner: amavisd-new at mailrelay1.lanl.gov
Original-Received: from ECS-EXG-P-CH01.win.lanl.gov (ecs-exg-p-ch01.win.lanl.gov
	[128.165.106.11])
	by mailrelay1.lanl.gov (Postfix) with ESMTP id A63DCE40911;
	Mon, 13 Aug 2012 06:45:33 -0600 (MDT)
Original-Received: from ECS-EXG-P-MB01.win.lanl.gov ([169.254.1.213]) by
	ECS-EXG-P-CH01.win.lanl.gov ([128.165.106.11]) with mapi id
	14.02.0309.002; Mon, 13 Aug 2012 06:45:33 -0600
Thread-Topic: Security flaw in enable-local-eval; new release plan
Thread-Index: AQHNeQFLOzoadVODmkuIzK8GDMfGx5dXSR6igABmKKQ=
In-Reply-To: <87r4rbjo86.fsf@zigzag.favinet>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [128.165.185.6]
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.7.7855, 1.0.260,
	0.0.0000
	definitions=2012-08-12_06:2012-08-10, 2012-08-12,
	1970-01-01 signatures=0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6, seldom 2.4 (older,
	4)
X-Received-From: 204.121.3.52
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:152474
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/152474>

>    (let ((safe (or (hack-one-local-variable-eval-safep=0A=
>                     (eval (quote val)))=0A=
>                    ;; In case previously marked safe (bug#5636).=0A=
>                    (safe-local-variable-p var val))))=0A=
> [...]=0A=
> It seems control reaches =91eval=92 before reaching the =91:safe=92 check=
, thus=0A=
> defeating the check.  Am i missing something?=0A=
=0A=
The `eval' is of a `quote', so I don't know why it's not just `val'.  Meanw=
hile, calling `safe-local-variable-p' for the `eval' pseudo-variable seems =
wrong to me, even though by default nothing is safe for it (and it would be=
 insane to put an entry, nominally for `eval''s value as a variable, in `sa=
fe-local-variable-values').=0A=
=0A=
Davis=