From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Max Nikulin Newsgroups: gmane.emacs.bugs Subject: bug#68687: Org mode code evaluation Date: Fri, 2 Feb 2024 11:58:44 +0700 Message-ID: <87bc23dd-7c0b-4f9a-a54d-29716e948c5c__16091.6869923071$1706850015$gmane$org@gmail.com> References: <6d94fff4-4d30-4121-bfd1-f267cb5b637c@gmail.com> <8734uqpvgn.fsf@tec.tecosaur.net> <49fa47c0-522a-46d7-ba0d-6e688aa26a8e@gmail.com> <74b83cf9-cd7e-429a-bd9d-0af964e1ddc5@gmail.com> <8634uh5rrq.fsf@gnu.org> <87mssn81dw.fsf@localhost> <28314.1706634769@alto> <87mssmvhdw.fsf@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="8002"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Mozilla Thunderbird Cc: 68687@debbugs.gnu.org, eliz@gnu.org, emacs-orgmode@gnu.org, kupfer@rawbw.com, stefankangas@gmail.com To: rms@gnu.org, Ihor Radchenko Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Fri Feb 02 06:00:09 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1rVleq-0001sA-1T for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 02 Feb 2024 06:00:08 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rVlea-00021d-Pm; Thu, 01 Feb 2024 23:59:52 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rVleZ-00021U-Ip for bug-gnu-emacs@gnu.org; Thu, 01 Feb 2024 23:59:51 -0500 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rVleZ-0003sr-AL for bug-gnu-emacs@gnu.org; Thu, 01 Feb 2024 23:59:51 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rVlej-0002Zb-PY for bug-gnu-emacs@gnu.org; Fri, 02 Feb 2024 00:00:01 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Max Nikulin Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 02 Feb 2024 05:00:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 68687 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 68687-submit@debbugs.gnu.org id=B68687.17068499469768 (code B ref 68687); Fri, 02 Feb 2024 05:00:01 +0000 Original-Received: (at 68687) by debbugs.gnu.org; 2 Feb 2024 04:59:06 +0000 Original-Received: from localhost ([127.0.0.1]:43448 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rVldq-0002XT-6q for submit@debbugs.gnu.org; Thu, 01 Feb 2024 23:59:06 -0500 Original-Received: from mail-lj1-x231.google.com ([2a00:1450:4864:20::231]:53262) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rVldn-0002Ww-Lc for 68687@debbugs.gnu.org; Thu, 01 Feb 2024 23:59:05 -0500 Original-Received: by mail-lj1-x231.google.com with SMTP id 38308e7fff4ca-2d07ffa0a9cso7539281fa.2 for <68687@debbugs.gnu.org>; Thu, 01 Feb 2024 20:58:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706849927; x=1707454727; darn=debbugs.gnu.org; h=content-transfer-encoding:in-reply-to:mail-followup-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:sender:from:to:cc:subject:date:message-id:reply-to; bh=FSys50LomsgxRWUIA5m1J9yeuKxinoSmyKN8BJ9qPuw=; b=RJyskw//oYTUmLrhge37nK1be1UY2eUnx9wPn5M1MMrij8IrrwqvsfPpoyl4Qr3TOX L6PGcdd6spC0zva2aijecmdroz35781AMDV5Zm9y2LRV9xCVfBFN9Ns+1vMU/ei7Uxr/ aaomfuEgaQAH9xTP9QnDK417dBrCiiuLzUO6jsXlMl4ihGM6OfFqAdP8Pev4Rg5bP+Y2 6aGQLFZs+txeXs5oV9CNIfdvVi9/VceIPpehVozqfRTx431LqXpiBCHCk1f4QSeYtKY4 4RwPcOWTA1zeX0PEzOpkhmargh9F0LQ4qgXSo7W44krnq7aZ0d/61VWqAs7ZTIHNsT+t m4Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706849927; x=1707454727; h=content-transfer-encoding:in-reply-to:mail-followup-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:sender:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=FSys50LomsgxRWUIA5m1J9yeuKxinoSmyKN8BJ9qPuw=; b=pGzb8XAIJeui5PjSHhRf89bGDz+SJ2MuDLC52GpkRxoj4U8Y50hG9ktA1OYjMzv2up oH29nUhXB3yepCXNNrJxVwN2B0CFq4Nku3gs3PiK6DXyzR7Q3FXvZnjdT8w5b8ibd9f7 iEPPu1bmtfd/qMb7WBN8WK24i2W3Dfz+q89az0PmEzduGlyPhEBjl4383/Qa+cCxblH+ lOGfYJOmlvjAfZV0O3gvFc5RPmrvLvGkKQ8b7JM77Fv1KRk6KqX2btGP0e6tihQK16q6 xRn9rhxBUstjaEM8MyKyEQlf3kWJ7RbvOpmwzGLVnBChSV8lrHc84x9XmN4IBtjpYx5m MmhQ== X-Gm-Message-State: AOJu0YxrlIASLHvxDEvIVNM8roXzH2HESYIv4bLjBV1iiptPmi5GRZxt mCSa+NQexpUroIzfO0sv4ObJgYZU2QMrH2QiSDcw+dDEMVN1Firv X-Google-Smtp-Source: AGHT+IGUyq4jGwqGAiqf6Ty95/cb+SshBVua6xi8i28+xlwSw9rqUIkSlUbIguCQeuHwiDyv8adCcw== X-Received: by 2002:a2e:8e6b:0:b0:2d0:6f23:7cd7 with SMTP id t11-20020a2e8e6b000000b002d06f237cd7mr426331ljk.12.1706849926908; Thu, 01 Feb 2024 20:58:46 -0800 (PST) X-Forwarded-Encrypted: i=0; AJvYcCWPZ+KowA8BT19fVfzW9hUeIubxjuZMdRy8Hgug7x3IilYfyF01bp2WaXHXRa2inMkURmLhBkN6WQI2o5ljYbKkJLZ26Hf16ka23Q3AXhxlKU2YKYol5oOIMowfQ2wB3q3EVZJU2tq8OJ42rlp+UvjNTopC5nbmXC1axyB9SIauWYj7v1Cwl+OjGRqMszMCYHRJARESItjr Original-Received: from [192.168.0.101] (nat-0-0.nsk.sibset.net. [5.44.169.188]) by smtp.googlemail.com with ESMTPSA id n21-20020a2e7215000000b002cd65f9ce8asm147215ljc.118.2024.02.01.20.58.45 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 01 Feb 2024 20:58:46 -0800 (PST) Content-Language: en-US, ru-RU Mail-Followup-To: rms@gnu.org, Ihor Radchenko , kupfer@rawbw.com, 68687@debbugs.gnu.org, emacs-orgmode@gnu.org, stefankangas@gmail.com, eliz@gnu.org In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:279316 Archived-At: On 02/02/2024 10:38, Richard Stallman wrote: > > > I did not imply that Org mode is safe. I directly said that there are > > security issues and that they are known. > > Could you plesae post a pointer to a desciption of them? I would strongly prefer to move discussion of Org security to a dedicated thread on emacs-orgmode or emacs-devel and leave this bug to media types used for Org. Whenever the suggested patch committed (as a whole or in parts) or not, admit that Org mode is already used as media type handler for mail messages and downloaded files. I have tried a couple more ideas, but have not managed to achieve code execution when files are loaded (assuming default or plausible user settings). If Org keystrokes are not active when mail messages are opened then it should be safe enough. (However I suspect an issue unrelated to code execution.) If Emacs or Org mode has severe issues then it is possible to exploit them even without the patch. Just send a message having 3 attachments covering all variants of Content-Type. The point is to minimize discrepancy related to Org mode stuff within Emacs and outside of it. E.g. in default configuration Thunderbird on Debian 12 bookworm sends attachments as text/org. Emacs core uses text/x-org or application/vnd.lotus-organizer. With no action taken it will last further.