From: Eli Zaretskii <eliz@gnu.org>
To: Sean Whitton <spwhitton@spwhitton.name>,
Stefan Monnier <monnier@iro.umontreal.ca>
Cc: dmitry@gutov.dev, jm@pub.pink, stefankangas@gmail.com,
75017@debbugs.gnu.org
Subject: bug#75017: 31.0.50; Untrusted user lisp files
Date: Sat, 28 Dec 2024 14:30:21 +0200 [thread overview]
Message-ID: <86o70wrnvm.fsf@gnu.org> (raw)
In-Reply-To: <871pxtp7rc.fsf@zephyr.silentflame.com> (message from Sean Whitton on Fri, 27 Dec 2024 13:36:55 +0000)
> From: Sean Whitton <spwhitton@spwhitton.name>
> Cc: dmitry@gutov.dev, jm@pub.pink, stefankangas@gmail.com,
> 75017@debbugs.gnu.org
> Date: Fri, 27 Dec 2024 13:36:55 +0000
>
> > I think this is the end-user's responsibility, not yours. So I urge
> > you to reconsider. At the very least ask the user at installation
> > time whether she wants to declare the entire tree trusted, but don't
> > do it unconditionally, because it basically renders this change in
> > large part ineffective, and then why did we even bother to do it,
> > delaying the release etc.?
>
> It sounds like I am significantly misunderstanding something. I thought
> that this trusted-files change was about, e.g., random Lisp files in my
> ~/Downloads/. Debian will certainly not be marking those as trusted!
Right.
> Let me step back a bit.
>
> If you install Emacs on the next release of Debian and you enable
> installing all suggested packages, you'll also get a bunch of major
> modes from GNU ELPA and elsewhere, such as markdown-mode (thanks to
> Xiyue Deng for sorting out the metadata such that these other modes are
> suggested by our package manager).
>
> These are Debian-vetted versions of these packages; we have lots of
> users who don't want to use package.el directly. The Lisp is installed
> under /usr/share/emacs/site-lisp/elpa-src. It's equally as safe as the
> code for Emacs itself; the same people (Debian Developers) have upload
> access for Emacs and for all those other major modes. So, I would have
> thought we would be marking those as trusted on behalf of our users.
>
> Does this still seem wrong to you? Can you see what I've misunderstood?
I think you assume that since this stuff is installed from Debian,
those directories are forever trusted. But that is only true
immediately after the installation. Some time after that, anything
can happen with these directories. Whether they can be trusted from
now to eternity is something for the user to say.
At least this is my opinion. I don't see myself as an expert on this,
so please wait for Stefan and others to chime in if they have
different opinions.
next prev parent reply other threads:[~2024-12-28 12:30 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-21 20:48 bug#75017: 31.0.50; Untrusted user lisp files john muhl
2024-12-22 2:47 ` Stefan Kangas
2024-12-22 3:16 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-22 6:12 ` Eli Zaretskii
2024-12-22 17:36 ` Stefan Kangas
2024-12-22 18:41 ` Eli Zaretskii
2024-12-22 18:47 ` Drew Adams via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-23 14:10 ` Stefan Kangas
2024-12-23 14:29 ` Eli Zaretskii
2024-12-24 0:35 ` Stefan Kangas
2024-12-24 12:15 ` Eli Zaretskii
2024-12-23 19:15 ` Björn Bidar via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-22 6:19 ` Eli Zaretskii
2024-12-22 17:20 ` Stefan Kangas
2024-12-22 18:38 ` Eli Zaretskii
2024-12-22 19:52 ` Dmitry Gutov
2024-12-22 20:23 ` Eli Zaretskii
2024-12-22 20:27 ` Dmitry Gutov
[not found] ` <865xna60oj.fsf@gnu.org>
2024-12-23 14:36 ` Stefan Kangas
2024-12-24 23:29 ` Dmitry Gutov
2024-12-27 7:39 ` Sean Whitton
2024-12-27 8:35 ` Eli Zaretskii
2024-12-27 13:36 ` Sean Whitton
2024-12-28 12:30 ` Eli Zaretskii [this message]
2024-12-28 14:57 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-23 0:32 ` john muhl
[not found] ` <86v7va4kj6.fsf@gnu.org>
2024-12-23 17:53 ` john muhl
2024-12-24 5:48 ` Stefan Monnier via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-12-24 23:58 ` Stefan Kangas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86o70wrnvm.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=75017@debbugs.gnu.org \
--cc=dmitry@gutov.dev \
--cc=jm@pub.pink \
--cc=monnier@iro.umontreal.ca \
--cc=spwhitton@spwhitton.name \
--cc=stefankangas@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.