From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Chris Moore Newsgroups: gmane.emacs.devel Subject: Re: C file recoginzed as image file Date: Sun, 07 Jan 2007 10:21:34 +0100 Message-ID: References: NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1168161719 29535 80.91.229.12 (7 Jan 2007 09:21:59 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Sun, 7 Jan 2007 09:21:59 +0000 (UTC) Cc: c.a.rendle@gmail.com, emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Jan 07 10:21:57 2007 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1H3UE1-0007np-5W for ged-emacs-devel@m.gmane.org; Sun, 07 Jan 2007 10:21:57 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1H3UE0-00065h-J2 for ged-emacs-devel@m.gmane.org; Sun, 07 Jan 2007 04:21:56 -0500 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1H3UDl-00065c-7K for emacs-devel@gnu.org; Sun, 07 Jan 2007 04:21:41 -0500 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1H3UDj-00065Q-K3 for emacs-devel@gnu.org; Sun, 07 Jan 2007 04:21:40 -0500 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1H3UDj-00065N-GO for emacs-devel@gnu.org; Sun, 07 Jan 2007 04:21:39 -0500 Original-Received: from [66.249.92.175] (helo=ug-out-1314.google.com) by monty-python.gnu.org with esmtp (Exim 4.52) id 1H3UDj-0003DO-2o for emacs-devel@gnu.org; Sun, 07 Jan 2007 04:21:39 -0500 Original-Received: by ug-out-1314.google.com with SMTP id j3so6708289ugf for ; Sun, 07 Jan 2007 01:21:38 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:to:cc:references:from:date:in-reply-to:message-id:user-agent:mime-version:content-type:x-sa-exim-connect-ip:x-sa-exim-mail-from:x-spam-checker-version:x-spam-level:x-spam-status:subject:x-sa-exim-version:x-sa-exim-scanned:sender; b=kQLk/1jMxLUWcffagCvn9BEP8NW0lP/Pqoy+1NwfnKXAOTh9nRzuWN1oVpJtztERaI09dWJR3ec4jMbSJ1Zri4cQTPGKKFAyZx4HHsF3CiE2O/kuNPdj7UEKncY8+LGGltrwYYPXNgE8Ij2fzBaaFDgoNNQoSKHT4mjZf9Lw3Ko= Original-Received: by 10.67.22.7 with SMTP id z7mr13030910ugi.1168161698174; Sun, 07 Jan 2007 01:21:38 -0800 (PST) Original-Received: from chrislap.local ( [89.176.28.156]) by mx.google.com with ESMTP id b35sm37847660ugd.2007.01.07.01.21.36; Sun, 07 Jan 2007 01:21:37 -0800 (PST) Original-Received: from localhost ([127.0.0.1] helo=chrislap.local) by chrislap.local with esmtp (Exim 4.63) (envelope-from ) id 1H3UDe-0000NA-Cn; Sun, 07 Jan 2007 10:21:35 +0100 Original-To: rms@gnu.org In-Reply-To: (Richard Stallman's message of "Sat\, 06 Jan 2007 22\:47\:10 -0500") User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.92 (gnu/linux) X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: dooglus@gmail.com X-SA-Exim-Version: 4.2.1 (built Sun, 03 Dec 2006 00:39:09 +0000) X-SA-Exim-Scanned: Yes (on chrislap.local) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:64906 Archived-At: Richard Stallman writes: > It would never have occurred to me to have doubts about opening a > JPG file. I am sure the same is true of many Emacs users. If we > believe that having Emacs display JPG files as images is dangerous, > we had better make sure Emacs NEVER does so by default. Maybe the JPG libraries are safe and always have been, I don't know. But all it takes is for ONE of the image libraries which Emacs uses to be exploitable and you're finished. Suppose that's an unpatched vulnerability in the tiff library. All the attacker needs to do is rename his virus.tiff file to virus.jpg and send it to you. You'll open it, because you have no doubts about opening JPG files, and then you'll be surprised to find you're infected because it wasn't actually a JPG file at all - it was a disguised TIFF file. > In the case I described > all I've seen so far is the file's name so as far as I know it is a C > source file. > > How did the data get into a file in the first place? Did it go > through Emacs? Did you see the data before you saved it in a file? Maybe I used 'wget' to download it from a website. Maybe I'm browsing a remote site using TRAMP in Emacs and somebody else put the data into the file. Maybe I saved an email attachment using GNUS. None of these would have displayed the data before saving it. > I never save data from a message in a file without seeing it, but > perhaps you use a method. How do you see it safely? However you do it, wouldn't it be more convenient to arrange for Emacs to do it for you, and to warn you if the content doesn't match the extension?