From: Chong Yidong
Newsgroups: gmane.emacs.bugs
Subject: bug#4218: Security assertion needs modification or more detail
Date: Sat, 09 Jan 2010 16:17:22 -0500
Message-ID: <87d41jt1ul.fsf@stupidchicken.com>
To: Reuben Thomas
Cc: 4218@debbugs.gnu.org

> The docstring for compile-command says: "This variable is safe as a
> file local variable if its value satisfies the predicate `stringp'."
> I'd say this is arguable, as it can be set to an arbitrary command
> e.g. "send-me-all-your-passwords; make -k".

Thanks for the bug report. I think the main risk occurs when the user
has customized compilation-read-command to nil, because then M-x compile
does not issue a prompt. So, I've changed the predicate to consider
compile-command unsafe if compilation-read-command is nil.

We could be more aggressive and always consider compilation-command
unsafe, but I'm not sure that's warranted. After all, there is the risk
that your makefile is malicious, anyway.
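
The following Emacs Lisp is an added example, not part of the original message and not the Emacs source. It sketches a predicate with the behaviour described in the reply and compares it with what the running Emacs reports through `safe-local-variable-p`; the `demo-` names are hypothetical, and the sample value is the one quoted in the report.

```elisp
;;; -*- lexical-binding: t -*-
;; Added example.  Functions prefixed `demo-' are hypothetical helpers.
(require 'compile)  ; defines `compile-command' and `compilation-read-command'

(defun demo-compile-command-safe-p (value)
  "Return non-nil if VALUE may be set as a file-local `compile-command'.
A string is accepted only while `compilation-read-command' is non-nil,
that is, while M-x compile still shows the command before running it."
  (and (stringp value)
       (boundp 'compilation-read-command)
       compilation-read-command
       t))

(defun demo-audit-compile-command (value)
  "Classify VALUE with the M-x compile prompt enabled and disabled.
Return a list of plists.  :demo is the sketch predicate above and
:installed is what this Emacs answers via `safe-local-variable-p'."
  (mapcar
   (lambda (prompt)
     ;; `compilation-read-command' is a special variable, so this
     ;; `let' rebinds it dynamically for both checks.
     (let ((compilation-read-command prompt))
       (list :prompt prompt
             :demo (demo-compile-command-safe-p value)
             :installed (and (safe-local-variable-p 'compile-command value)
                             t))))
   '(t nil)))

;; Constructed input: the command string quoted in the bug report.
(pp (demo-audit-compile-command "send-me-all-your-passwords; make -k"))

;; Stricter local policy, matching the "more aggressive" option in the
;; reply: never apply a file-local `compile-command' without asking.
(defun demo-always-ask-for-compile-command ()
  "Remove the safety predicate so Emacs always asks about `compile-command'."
  (put 'compile-command 'safe-local-variable nil))
```

Evaluating the audit in a scratch buffer shows whether the installed Emacs already treats the value as unsafe when the prompt is disabled; where `:installed` is non-nil with `:prompt nil`, a file-local `compile-command` would be applied silently and then run by M-x compile without confirmation.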