From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#75017: 31.0.50; Untrusted user lisp files Date: Sun, 22 Dec 2024 20:38:46 +0200 Message-ID: <86ldw75zrd.fsf@gnu.org> References: <87bjx43gp7.fsf@pub.pink> <86frmg6xzf.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="34137"; mail-complaints-to="usenet@ciao.gmane.io" Cc: jm@pub.pink, 75017@debbugs.gnu.org To: Stefan Kangas Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sun Dec 22 19:42:24 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tPQuF-0008k7-V9 for geb-bug-gnu-emacs@m.gmane-mx.org; Sun, 22 Dec 2024 19:42:24 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tPQty-00065J-Cy; Sun, 22 Dec 2024 13:42:06 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tPQtu-00064v-Rs for bug-gnu-emacs@gnu.org; Sun, 22 Dec 2024 13:42:04 -0500 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tPQtu-0004Lk-J6 for bug-gnu-emacs@gnu.org; Sun, 22 Dec 2024 13:42:02 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-version:References:In-Reply-To:From:Date:To:Subject; bh=fnoiIMV2OJmAd7ObGtvPnYk0GpAO9XoDjV53kIESCTA=; b=gWL+b0egZ+fvtnbLXi71hvIF9RFy0ljng+3yTXQE3d3eNx8EZIraEPfBaItFzJsyWoN/usAP1d2ou0lTmzppP6Xk2/gvsBKmHaPjQHnu3dNnbVsi6nY4bh5QV7jmoe6pSXm+VQcgZdOwAEzb6qOshFiMeKhyatMCF5jmzvokeMNWeCnRb7XIAOD06zU0EUig48ACK5RrGcwe7FMWj4a5vceRlBDTcLZUBFYYNfij+cVJplJYzYV2lJO82w3nOy7BvaO1FwhcHtUfbdJjqgHQX9mIIy0XsT2tKlWJittaEkaEcV/gRQKcQm4cNaaTUFglsf8kHC3PB9gAlTxYbfq1IQ==; Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1tPQtu-0002pS-6Y for bug-gnu-emacs@gnu.org; Sun, 22 Dec 2024 13:42:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sun, 22 Dec 2024 18:42:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 75017 X-GNU-PR-Package: emacs Original-Received: via spool by 75017-submit@debbugs.gnu.org id=B75017.173489286810789 (code B ref 75017); Sun, 22 Dec 2024 18:42:02 +0000 Original-Received: (at 75017) by debbugs.gnu.org; 22 Dec 2024 18:41:08 +0000 Original-Received: from localhost ([127.0.0.1]:51877 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tPQt2-0002nw-03 for submit@debbugs.gnu.org; Sun, 22 Dec 2024 13:41:08 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:59062) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tPQsy-0002nI-Ko for 75017@debbugs.gnu.org; Sun, 22 Dec 2024 13:41:06 -0500 Original-Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tPQqm-00036L-86; Sun, 22 Dec 2024 13:38:48 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=fnoiIMV2OJmAd7ObGtvPnYk0GpAO9XoDjV53kIESCTA=; b=WIdwsBgKjjKaljNn+oN0 MxnEyJ9AeA2xTsn+JfB+xHDEwvnAL25yrE4vUgDLSSZSIo1OEGfmKqMRF7bc5SfgfHwZ8lrCB6PXu W+DLQ0v3ofTHb70g4ISHnDO7vr5hv+PhMfww84Inol2PaLuasMHLDVvoWTYGk7PkvzX+TKsc9jQb2 qbbhiRxAoycbjLWRd2QM4HEHmYJILvWHBEU/JHS1HYD7yo/1CaeKWp/iPC3uZoUfpPPGnHVK9wBL7 7AAEovajjM/7bxI5MRTgGZYV6T3Rvn+IpSKHHbeptfDg9HtUXLciWKj/AbI3E5TNlF67SpEJVzAFe P/5T+zNUnIZidg==; In-Reply-To: (message from Stefan Kangas on Sun, 22 Dec 2024 17:20:13 +0000) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:297614 Archived-At: > From: Stefan Kangas > Date: Sun, 22 Dec 2024 17:20:13 +0000 > Cc: 75017@debbugs.gnu.org > > Eli Zaretskii writes: > > > No, not IMO. Please add those files you know you can trust to the > > list of trusted files, and let's see if that works well for you. If, > > after you have used that for some time, you have observations to > > report or changes to suggest, please do, but let's please base such > > observations on some sufficiently significant (read: long enough) > > experience. > > > >> What about files put in place by a system admin or your distro’s > >> Emacs package (e.g. site-run-file, default.el)? They generally > >> require root priviledges to install so if they can’t be trusted > >> you’re already in trouble. > > > > On my system, these files do not need any admin privileges, so I don't > > think we should trust them by default. Users who know that these > > files are modified only by trusted admins can and probably should add > > them to the list of trusted files, if they need that (in general, > > there should be no need to run Flymake in those files, in which case > > these files don't need to be added even if they are trusted). > > I don't think it's meaningful to consider them as not > `trusted-content-p`, when we automatically load these files into any > running Emacs session. No, we don't load anything. It's the user who tells us whether to load these files, by placing them in those locations and naming them according to what Emacs looks for. It's up to the user to tell us whether everything in those files is trustworthy. And let's not forget that various packages write to the init files, so not everything there was written by the user.