From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Noam Postavsky Newsgroups: gmane.emacs.bugs Subject: bug#28489: Acknowledgement (27.0.50; eieio-persistent slot type validation should be a bit smarter) Date: Fri, 29 Sep 2017 20:57:20 -0400 Message-ID: <87r2updmvj.fsf@users.sourceforge.net> References: <87lglcn8dt.fsf@ericabrahamsen.net> <878th1i50l.fsf@ericabrahamsen.net> <87wp4lf1kq.fsf@users.sourceforge.net> <87ing4cd04.fsf@ericabrahamsen.net> <87h8vnftnx.fsf@users.sourceforge.net> <87zi9fxvnh.fsf@ericabrahamsen.net> <8760c2fike.fsf@users.sourceforge.net> <87vak16ybk.fsf@ericabrahamsen.net> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: blaine.gmane.org 1506733097 13669 195.159.176.226 (30 Sep 2017 00:58:17 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sat, 30 Sep 2017 00:58:17 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.60 (gnu/linux) Cc: 28489@debbugs.gnu.org To: Eric Abrahamsen Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sat Sep 30 02:58:13 2017 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dy66a-0002sq-Ts for geb-bug-gnu-emacs@m.gmane.org; Sat, 30 Sep 2017 02:58:09 +0200 Original-Received: from localhost ([::1]:37670 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dy66i-00014G-4V for geb-bug-gnu-emacs@m.gmane.org; Fri, 29 Sep 2017 20:58:16 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:39051) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dy66a-00012s-HV for bug-gnu-emacs@gnu.org; Fri, 29 Sep 2017 20:58:09 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dy66U-0000Bq-Hc for bug-gnu-emacs@gnu.org; Fri, 29 Sep 2017 20:58:08 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:59347) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dy66U-0000BG-E8 for bug-gnu-emacs@gnu.org; Fri, 29 Sep 2017 20:58:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dy66T-0004Ex-TO for bug-gnu-emacs@gnu.org; Fri, 29 Sep 2017 20:58:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Noam Postavsky Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 30 Sep 2017 00:58:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 28489 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 28489-submit@debbugs.gnu.org id=B28489.150673305116254 (code B ref 28489); Sat, 30 Sep 2017 00:58:01 +0000 Original-Received: (at 28489) by debbugs.gnu.org; 30 Sep 2017 00:57:31 +0000 Original-Received: from localhost ([127.0.0.1]:39795 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dy65z-0004E5-Eq for submit@debbugs.gnu.org; Fri, 29 Sep 2017 20:57:31 -0400 Original-Received: from mail-it0-f45.google.com ([209.85.214.45]:48332) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dy65w-0004Dp-Ns for 28489@debbugs.gnu.org; Fri, 29 Sep 2017 20:57:29 -0400 Original-Received: by mail-it0-f45.google.com with SMTP id m123so1703148ita.3 for <28489@debbugs.gnu.org>; Fri, 29 Sep 2017 17:57:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=a0FZToT8wuU4qbM8A6lQkeoAHlOSfzptKW5UTsMHmUo=; b=XGxVB415/GSc07cR1GWKca563kuiQ/4B8808GOWorGRTeGVIDG3f3yNsNNh1BQ8jdv zkyPQvmLduKWgCuAu1fFEDX3+BjCXpVyTRJhsAeL0vwoJf3ZpcAPy88MGNgt4lWG0fGj KvLqWmszx/KjVBYrfbsVn5GUnhgXtjQFhTs1btLzoH38BHjuUivvejM5VMOtVdj/6RNV vj2qWaw1c5Xv+w8z3XJwCsoI5G+ExupB63IB9A8tcIRh+S3cvkdAJuXh2N7QmH8UNw5F /dpn9L/6NGhWAHRP4uA2lN8F9l3Vr6YWqfNCqCgZNXLHOFrGYT65J0nZmykq/ronzGIq 6ldA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:references:date :in-reply-to:message-id:user-agent:mime-version; bh=a0FZToT8wuU4qbM8A6lQkeoAHlOSfzptKW5UTsMHmUo=; b=FO6mhgAAriEae+dGKUh/DLgbWuUYkboc69rlYB33HdQWa15UgZ+tOkC1hP/fiO62Dt lHVgwoksfM1V6wFreAL3BcXDs/IJh2zLUGhBTirmKHrz3qttpqrwVUwlWWSgHBPTsYef c/+aBCwZ9yGRXIpvMmMTfGMYZqqLb3jwNtTY9TtBteQNAx6l3aTOUqtA3lof89pQGLsK MaI8H0G1h2NT/WFqIf3cR78YTMDcPy75jb9v1Pg46H/Gg8E5vb4oxS5vG2+vmMLMycli 2b5d+q3hAvClPTgfCAnMe6Cm3Vw0s+MetCY0LD6yRKCv1a44dD9FwiRomn5c/4bD0wdg eIgA== X-Gm-Message-State: AMCzsaWS7dN7efrdEWaAayMAL6nyWSvrH8q1zk8qFDZDewTbqhzdjDyf u6qOSdylp5wLkC7CAt73Lq7Ubw== X-Google-Smtp-Source: AOwi7QA7W0WE6jvxdes51CUQDKV02mYKBQnhE2TpyhGEP17uj0/I8XZ9bDaTNQdfulW3Cbc/qVX6VQ== X-Received: by 10.36.132.6 with SMTP id h6mr9857989itd.51.1506733042801; Fri, 29 Sep 2017 17:57:22 -0700 (PDT) Original-Received: from zebian ([45.2.119.34]) by smtp.googlemail.com with ESMTPSA id k128sm1949052ith.26.2017.09.29.17.57.20 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 29 Sep 2017 17:57:21 -0700 (PDT) In-Reply-To: <87vak16ybk.fsf@ericabrahamsen.net> (Eric Abrahamsen's message of "Fri, 29 Sep 2017 13:31:59 -0700") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:137657 Archived-At: Eric Abrahamsen writes: > That sounds like the right solution. I've never looked at > unsafep.el, and don't know exactly how it works, Basically, there is a whitelist: symbols which have the property `safe', are ok, stuff like progn is okay if all the things inside are also `safe'. So if we can be sure an object constructor does nothing but create an object then it could be marked safe. > 3. Object creation could run malicious code *if* someone had overridden > `initialize-instance' or `shared-initialize', Hmm, it might be a difficult to be confident that calling some generic function is safe. > I might as well write tests that exercise the whole eieio-persistent > round-trip: create a few test objects, write them to a tmp file, and > read them back as objects. Sounds good.