From: Fabrice Popineau
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs master, security concernes, ms-windows
Date: Thu, 14 Sep 2017 15:46:21 +0200
To: Óscar Fuentes
Cc: Emacs developers

2017-09-14 15:33 GMT+02:00 Óscar Fuentes <ofv@wanadoo.es>:

> Fabrice Popineau writes:
>
> Apart from that, the security provided by this approach is questionable.
> If the attacker has enough control to install a DLL and modify the PATH,
> it is game over.

At the moment, any libpng.dll (for example) on the PATH can be loaded by emacs.
With this restriction, only the one provided with an emacs package will be.

I came to 'fix' this because I am using the Anaconda Python distribution which also
provides its own set of dlls. At some point I got a failure because their dlls got loaded,
instead of the mingw64 ones.

> Finally, this patch can be a hindrance for those who build Emacs. After
> the build is over, you need to copy the required extra dlls (for image
> support, etc) to the build binary directory to test or use Emacs. Not a
> huge inconvenience, but it isn't irrelevant either.

That's true.

--
Fabrice


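The difference between the two loading policies discussed in this message can be checked on a given machine with a small audit. This is an added example, not code from the message or from the Emacs patch: it uses a simplified search model (application directory, then PATH entries in order; system directories, KnownDLLs and the current directory are not modelled), and the directory layout and file names are constructed for the demonstration.

```python
import os
import tempfile

def find_in_dir(directory, dll_name):
    """Case-insensitive lookup, as on Windows; returns the full path or None."""
    try:
        for entry in os.listdir(directory):
            if entry.lower() == dll_name.lower():
                return os.path.join(directory, entry)
    except OSError:
        pass  # a missing or unreadable PATH entry is skipped
    return None

def resolve(dll_name, app_dir, path_dirs, app_dir_only):
    """Simplified model: application directory first, then PATH in order.
    System directories, KnownDLLs and the current directory are not modelled."""
    for d in ([app_dir] if app_dir_only else [app_dir, *path_dirs]):
        hit = find_in_dir(d, dll_name)
        if hit:
            return hit
    return None

def audit(dll_names, app_dir, path_dirs):
    """Map each DLL that PATH would supply from outside app_dir to
    (path loaded without the restriction, path loaded with it)."""
    findings = {}
    for name in dll_names:
        loose = resolve(name, app_dir, path_dirs, app_dir_only=False)
        strict = resolve(name, app_dir, path_dirs, app_dir_only=True)
        if loose and os.path.normpath(os.path.dirname(loose)) != os.path.normpath(app_dir):
            findings[name] = (loose, strict)
    return findings

def build_sample_tree():
    """Constructed layout: Emacs bin dir without libpng.dll, two PATH dirs with it."""
    root = tempfile.mkdtemp()
    dirs = {n: os.path.join(root, n) for n in ("emacs_bin", "anaconda", "mingw64")}
    for d in dirs.values():
        os.mkdir(d)
    for d, f in (("emacs_bin", "libjpeg.dll"), ("anaconda", "LibPNG.dll"), ("mingw64", "libpng.dll")):
        open(os.path.join(dirs[d], f), "wb").close()
    return dirs

if __name__ == "__main__":
    t = build_sample_tree()
    for dll, (loose, strict) in audit(["libpng.dll", "libjpeg.dll"], t["emacs_bin"], [t["anaconda"], t["mingw64"]]).items():
        print(f"{dll}: PATH search -> {loose}; app-dir only -> {strict}")
```

A `None` in the second position means the restricted policy finds no copy at all, which is the build-tree case raised in the quoted text: the DLL has to be copied next to the binary before the feature works.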