From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: chad Newsgroups: gmane.emacs.devel,gmane.emacs.auctex.devel Subject: Re: [script vs ICon: latex binaries not found] (was: Emacs on macOS) Date: Sun, 3 Apr 2022 23:05:51 -0400 Message-ID: References: <0CBBB7FB-1D2A-46C7-90C2-8664913B0E29@icloud.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="00000000000085071a05dbcb6898" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="30672"; mail-complaints-to="usenet@ciao.gmane.io" Cc: auctex-devel To: EMACS development team Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Mon Apr 04 05:06:48 2022 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nbD3H-0007np-Lu for ged-emacs-devel@m.gmane-mx.org; Mon, 04 Apr 2022 05:06:47 +0200 Original-Received: from localhost ([::1]:34032 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nbD3G-00029v-56 for ged-emacs-devel@m.gmane-mx.org; Sun, 03 Apr 2022 23:06:46 -0400 Original-Received: from eggs.gnu.org ([209.51.188.92]:49578) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nbD2d-0001QH-0Z; Sun, 03 Apr 2022 23:06:07 -0400 Original-Received: from [2a00:1450:4864:20::134] (port=42839 helo=mail-lf1-x134.google.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nbD2b-0000sQ-55; Sun, 03 Apr 2022 23:06:06 -0400 Original-Received: by mail-lf1-x134.google.com with SMTP id d5so14715386lfj.9; Sun, 03 Apr 2022 20:06:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mIzANnv0x/WwtgciUsh+X/ffkGrye5FEQ9x1ISy2nEM=; b=EjiK9aFEs1X9ck9/nzYPBNNVvC4ptgsVKxAtjFWizbywtNn0MNhPxUreM/SBzS3NZr FJRPccuHWBJS7Ys0T5yBseVFDHagF3AJE5yacIq/u6VezYYftqZ5bmkXRRYooJ22B7H1 I3GJBOC2wDQiptXPtl6zVWOXd6lgagSs1kdgoHf4MziexvdydvGzWTROZGNY6JhgP7cD l/3cOzbQoOKBc+M8CzVy8ISPJx3I/f8qR/RXRUxffyrXzbygKvmRHehXPIWi3XornwSi yNrMK2/GO+wxykLe3kU6CdjinQ2SSOyjl+LA2zeNeqRCv0VgdLKe5e1dBaU+TVJ/8nzy Zysw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mIzANnv0x/WwtgciUsh+X/ffkGrye5FEQ9x1ISy2nEM=; b=w4NvpIXh7Q/F+qnRVVCREoJWu2LcclavTGHOirs/n7meGnuiX2ee0tOU9Y7bLpBYbV XNIssxWuqGE4fKtb8+KroKxhRQ76LyfiL5cKvCWPuq7o7RDDnEax8Ep4r9qzgdj1GgrA eE88qaSJxO8NfBk365ekKZFyBWA3W5BxdscpNPK7O8uZA4+fwkW0zSstk9Wc/qhsMyNb 2h314HoeSW3KgOJTCwXHG/8U4O9PlMHHSU02w6Ey4SsiijnDJRpV8xkbngh9Df5FQoEk 0q3oIYxdShoiZEiNEKohkbcfuD3DJtqobkirL+Ey0KL78UtTWmGo62cnFPT7rgEt8kr6 9VtA== X-Gm-Message-State: AOAM530DCyieGsGdeFPM9S+oFzgUzOHQ5WEk2ybot1MPNhs/m7mXr8Lg uOcAxCcxLxzuDEpDak4athQpVuF7gJKC6fQOq5/08MT1 X-Google-Smtp-Source: ABdhPJxHAwJp58hF7oszUXnsunULCQ5x3D8j7dW5iC6Ou7b68Xv7lzgGTib7+oo/G92mqCqb6Zmo8q+jNP53xxWEUmY= X-Received: by 2002:a05:6512:31d0:b0:44a:db2:8f20 with SMTP id j16-20020a05651231d000b0044a0db28f20mr21129902lfe.96.1649041561944; Sun, 03 Apr 2022 20:06:01 -0700 (PDT) In-Reply-To: X-Host-Lookup-Failed: Reverse DNS lookup failed for 2a00:1450:4864:20::134 (failed) Received-SPF: pass client-ip=2a00:1450:4864:20::134; envelope-from=yandros@gmail.com; helo=mail-lf1-x134.google.com X-Spam_score_int: -6 X-Spam_score: -0.7 X-Spam_bar: / X-Spam_report: (-0.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, PDS_HP_HELO_NORDNS=0.659, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:287740 gmane.emacs.auctex.devel:6663 Archived-At: --00000000000085071a05dbcb6898 Content-Type: text/plain; charset="UTF-8" The point of the ruby script is to set up paths and before launching the actual emacs binary, since starting a gui app under macOS doesn't do most of the things that a unix-based application like emacs probably expects. (To be fair, there's only about 60 years of precedent built up, so...) The other side of the coin is this: macOS uses an ever-tightening security system that is intended to prevent users from unintentionally running "dangerous" processes. I stopped using macOS before the current generation of these systems, but they do fairly typical security-system things, including restricting access to parts of the file system and refusing to run/hampering unsigned/untrusted binaries. There is a way to tell the system "yes, I know emacs isn't security-blessed; run it anyway" -- that's (I presume) what that xattr command does. Wrapper scripts present a new problem: are you security-blessing emacs, the wrapper script, or both? Just saying "yeah, any ruby script can run whatever it wants" is probably not the sort of operation that the OS security team wants to make trivial. As an alternative to the wrapper-script approach, there used to be an emacs package that helped with some of these issues. IIRC, it's currently called exec-path-from-shell. Hope that helps, ~Chad --00000000000085071a05dbcb6898 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
The point of the ruby script is to set up paths and before= launching the actual emacs binary, since starting a gui app under macOS do= esn't do most of the things that a unix-based application like emacs pr= obably expects. (To be fair, there's only about 60 years of precedent b= uilt up, so...)

The other side of the coin is this: macO= S uses an ever-tightening security system that is intended to prevent users= from unintentionally running "dangerous" processes. I stopped us= ing macOS before the current generation of these systems, but they do fairl= y typical security-system things, including restricting access to parts of = the file system and refusing to run/hampering unsigned/untrusted binaries. = There is a way to tell the system "yes, I know emacs isn't securit= y-blessed; run it anyway" -- that's (I presume) what that xattr co= mmand does. Wrapper scripts present a new problem: are you security-blessin= g emacs, the wrapper script, or both? Just saying "yeah, any ruby scri= pt can run whatever it wants" is probably not the sort of operation th= at the OS security team wants to make trivial.

As = an alternative to the wrapper-script approach, there used to be an emacs pa= ckage that helped with some of these issues. IIRC, it's currently calle= d exec-path-from-shell.=C2=A0

Hope that helps,
~Chad

--00000000000085071a05dbcb6898--