From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Jacob Bachmeyer Newsgroups: gmane.emacs.devel Subject: Re: Preview: portable dumper Date: Tue, 06 Dec 2016 17:13:52 -0600 Message-ID: <58474630.3040707@gmail.com> Reply-To: jcb62281@gmail.com NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Trace: blaine.gmane.org 1481066160 32397 195.159.176.226 (6 Dec 2016 23:16:00 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Tue, 6 Dec 2016 23:16:00 +0000 (UTC) User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.22) Gecko/20090807 MultiZilla/1.8.3.4e SeaMonkey/1.1.17 Mnenhy/0.7.6.0 Cc: emacs-devel@gnu.org To: dancol@dancol.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Dec 07 00:15:53 2016 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cEOxl-0007JM-3k for ged-emacs-devel@m.gmane.org; Wed, 07 Dec 2016 00:15:53 +0100 Original-Received: from localhost ([::1]:35458 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cEOxo-0005zb-W0 for ged-emacs-devel@m.gmane.org; Tue, 06 Dec 2016 18:15:57 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:57521) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cEOxF-0005zP-9n for emacs-devel@gnu.org; Tue, 06 Dec 2016 18:15:22 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cEOxA-0003mv-C6 for emacs-devel@gnu.org; Tue, 06 Dec 2016 18:15:21 -0500 Original-Received: from mail-oi0-f66.google.com ([209.85.218.66]:36595) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cEOxA-0003WN-6w for emacs-devel@gnu.org; Tue, 06 Dec 2016 18:15:16 -0500 Original-Received: by mail-oi0-f66.google.com with SMTP id u15so43403765oie.3 for ; Tue, 06 Dec 2016 15:14:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:reply-to:user-agent:mime-version:to:cc:subject :references:content-transfer-encoding; bh=OzPp0EgWpEVwmLegfofKap9PsbbaTRKxWnzyekzGDsw=; b=gcGK3kkIDEWYeqVBisV+XkvaLkTXniUbjbpAUeaNGeIHtiC6MeHfd+ECQB6SP+dFhb zYsKjuwD/YA/roatB5ZT0hDHKV7F8eph39G74MrNzEi5ddQdYzUVfwfUImvNXT12KwUw 3tm3rRnQ3BC0dZdQe1uAzNBbQdeWX/uTnTK8YQpU4fLmPu+7GwEBPESZlr5AK2t4bl+P Ztx/EArDubKED5e4pLL/BhSPo2G+sLBAZugheYW7kHm7c221aw8fTZYcxO7YlTHaEYGX gtLWlih0Yq+Gn0yRlVVLMuy5I1mmjV2XQacRwjGdzu4QjjfDwqC3K8IJRV/xxBOCnAjd HnpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:reply-to:user-agent :mime-version:to:cc:subject:references:content-transfer-encoding; bh=OzPp0EgWpEVwmLegfofKap9PsbbaTRKxWnzyekzGDsw=; b=VlS22Rh1LPqi0OfbJPgJiFOsgPjfCkn1z+0WMa5CZsMfixf3bYWPfw7d3Cvyd3ljA0 mM43Td0p32hAPMJlngicR6dbOqJQkFH+lagxgjvUX2uwdl0xBlhuwXDfUhr6FDfN217o rhgdO8BXan6rVbP7BcozuV7zoQryyn5ubhJKTaJ8NJIxBOwkqX1yXCp3BU8UO1WgyWWW Cj3JQx8xDtGCFQC8XHVw73Yaed+fUUBXdwbBZyHwu7ymRaud8URPeFzaDAgWsf/1Ych9 d+MArLS6rbiJL2gUNXN1MMdLXdqDLTMpgE1Mn3Z1q6dyfVDtWo6HdwmNyu6JfvnRpjk6 GwrA== X-Gm-Message-State: AKaTC03F76aOiWwRMC6a9a9F4GDaEIXeaUTxGEnO0vwrhLwFqa6dV09ZcbBkr2Qzs24B6g== X-Received: by 10.202.177.65 with SMTP id a62mr32083975oif.52.1481066034150; Tue, 06 Dec 2016 15:13:54 -0800 (PST) Original-Received: from [192.168.2.42] (adsl-70-133-149-96.dsl.ablntx.sbcglobal.net. [70.133.149.96]) by smtp.gmail.com with ESMTPSA id q59sm8488547ota.20.2016.12.06.15.13.53 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 06 Dec 2016 15:13:53 -0800 (PST) Original-References: r0251sxsoh6a.fsf@dancol.org X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.85.218.66 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:210096 Archived-At: > > (Or we could just randomize per-user and dump Emacs the first time it > runs for a particular user? If we do that after loading ~/.emacs, we > also improve people's startup time. Invalidating and regenerating the > dump when configuration changes would be a challenge though.) That should not be too difficult, if you can track which files were read when creating the dump and store some fields from the stat(2) information on those files in the dump. I am using this approach in a packaging system that I am developing to close a race between attaching a file to an archive handle and actually writing the archive, at which time the digest of the file is computed. (I wanted to avoid reading input files twice.) I take a conservative approach and verify that the st_{ino,dev,size,blocks,{m,c}tim{e,.tv_nsec}} fields are all unchanged. For my use, writing the archive produces a hard failure if this check fails; for Emacs, failing that check would indicate "time to rebuild the fast-load cache". On the other hand, I think that per-user dumps are a bad idea--the Emacs dump is an inscrutable binary blob and therefore a good place for an intruder to hide persistent nastiness. This could allow an intruder to add a back door to a user's Emacs in a difficult-to-detect manner while needing only temporary access to that user's account, say, from exploiting any program that user runs. -- Jacob