From: Stefan Kangas
Newsgroups: gmane.emacs.bugs
Subject: bug#24489: efaq: security risks
Date: Tue, 11 Aug 2020 18:38:12 -0700
Message-ID:
References: <7ca8f2ur15.fsf@fencepost.gnu.org>
To: Glenn Morris
Cc: 24489@debbugs.gnu.org
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)
In-Reply-To: <7ca8f2ur15.fsf@fencepost.gnu.org> (Glenn Morris's message of "Tue, 20 Sep 2016 18:48:06 -0400")
List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors"
Xref: news.gmane.io gmane.emacs.bugs:184716

Glenn Morris writes:

> The (very crufty) Emacs FAQ contains a section:
>
> "Are there any security risks in Emacs?"
>
> The stuff about movemail and synthetic X events is archaic.

The movemail stuff was removed in 61223a046c (Bug#37818).

What do you think we should do about synthetic X events?

> There is no mention of the more current problems:
>
> 1) installing a package runs arbitrary code
> Better make sure you trust whoever gave you that package (gpg signing)
> and how you got it (https), etc.

This was added in the same commit 61223a046c.

> 2) using an Emacs mail client to view HTML mail is a security risk if remote
> content is fetched (I think it isn't by default, but this might not
> apply to every client)

Is it important to warn about this privacy issue here?

I would expect that any sensible Emacs MUA would disable remote fetching
by default, and document the issues with enabling it.

> 3) viewing remote HTML content (e.g. with eww or xwidgets) is likewise a
> potential security risk.

True, but isn't this a bit too general to be useful in the context of
the FAQ?

Best regards,
Stefan Kangas