From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>
Received: from mp1 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms0.migadu.com with LMTPS
	id WEUaORyFrmA+8AAAgWs5BA
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 26 May 2021 19:27:56 +0200
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp1 with LMTPS
	id gH/GNByFrmC/YgAAbx9fmQ
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 26 May 2021 17:27:56 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 35455D5AE
	for <larch@yhetil.org>; Wed, 26 May 2021 19:27:56 +0200 (CEST)
Received: from localhost ([::1]:37022 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	id 1llxJx-0000f5-4X
	for larch@yhetil.org; Wed, 26 May 2021 13:27:53 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:44892)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <tecosaur@gmail.com>)
 id 1llx0N-0000U6-0e
 for emacs-orgmode@gnu.org; Wed, 26 May 2021 13:07:39 -0400
Received: from mail-pl1-x62d.google.com ([2607:f8b0:4864:20::62d]:42881)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <tecosaur@gmail.com>)
 id 1llx0L-00052D-AO; Wed, 26 May 2021 13:07:38 -0400
Received: by mail-pl1-x62d.google.com with SMTP id v13so932892ple.9;
 Wed, 26 May 2021 10:07:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=references:user-agent:from:to:cc:subject:in-reply-to:message-id
 :date:mime-version;
 bh=+VvLj+D+39pXou7UlH1yiTznCzqmGqMWezWI4DFfVHM=;
 b=aV1BoZAfPbvl31/K3dSQcUgA2kk1mlPYW0nMCxdO89VSUl8lxMlouwaqlXZvLSe/NH
 PX4rDYM/Jae0Qc5DW4hHCGgy1LZVtFX8hWb8FOLcm2Mh0kWl45bEc9Ft5NkDnzj2rEHo
 o+SX6k7H1v1t7JSTzlO4dhvL9eq5vTD1QfGFjR/Vl7qCHtwEnes3CSbZw29ckE+631Se
 +GuaK6cBxW9LaBYv3I3WOCqBmAaoW8UqV49f29p44ToWt+37KJKD+YWZgqRsEq+6oyk9
 4GekQoKaCIDbR/TwqfMvlz4w5vEQHqTKnIoGrF/N1+/c12rfA9+ZSOuSeO1yX5afHR2M
 DUNA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:references:user-agent:from:to:cc:subject
 :in-reply-to:message-id:date:mime-version;
 bh=+VvLj+D+39pXou7UlH1yiTznCzqmGqMWezWI4DFfVHM=;
 b=o7GZA8SAz2oIT81JgbZq6OMLC56hEikRcZhoiddYruyJGeIe1cMRab+5CHZo7i9oQA
 bWPmeyB4qYiYMEf4avNTBwamGOJ8JIP2TvPX7b8FONv6RgPzPldJ5I2zc23x7anQU0iL
 +mNPj3RpSqh8Shat1lWjmdvHtGh4w2u+TudSvFZsJjwdgpq7V6ipr73wYE3q/Hfm5OLC
 Q1pqWAVo1ysoxwsxHn08eYOpeZZU8jUzWmfE9AjowivLAW9jo5xx+iE/CLetomVc6Uz7
 NOudCtso2c7LJr8++zUbl8rSoqfizNNTLBmIvgLqzag0V87NDo8XD3Yv5EDkjFBcFMi2
 jyYw==
X-Gm-Message-State: AOAM530RXcOBKZnlcGHSQmQTCe89ppQBGRpUPLIFpP824V7mR2/J/mOA
 R6rRTXi0e1GpmBVIBl51ZWpTeWtJHzo=
X-Google-Smtp-Source: ABdhPJwKPEOMK86BSRORQ2HK8siD7Ef35IT85Y40tsV1sKkaWODJ9sCtoibvV6KRmZ1f3HEr1srNXw==
X-Received: by 2002:a17:902:a586:b029:fe:459b:2ce0 with SMTP id
 az6-20020a170902a586b02900fe459b2ce0mr996265plb.40.1622048851677; 
 Wed, 26 May 2021 10:07:31 -0700 (PDT)
Received: from localhost (180-150-91-8.b4965b.per.nbn.aussiebb.net.
 [180.150.91.8])
 by smtp.gmail.com with ESMTPSA id r5sm4730962pjd.2.2021.05.26.10.07.30
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 26 May 2021 10:07:31 -0700 (PDT)
References: <2nk0nl7asb.fsf@fencepost.gnu.org>
User-agent: mu4e 1.4.15; emacs 28.0.50
From: Timothy <tecosaur@gmail.com>
To: Glenn Morris <rgm@gnu.org>
Subject: Re: bug#48676: Arbitrary code execution in Org export macros
In-reply-to: <2nk0nl7asb.fsf@fencepost.gnu.org>
Message-ID: <87mtsho240.fsf@gmail.com>
Date: Thu, 27 May 2021 01:07:27 +0800
MIME-Version: 1.0
Content-Type: text/plain
Received-SPF: pass client-ip=2607:f8b0:4864:20::62d;
 envelope-from=tecosaur@gmail.com; helo=mail-pl1-x62d.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-orgmode@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "General discussions about Org-mode." <emacs-orgmode.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-orgmode>,
 <mailto:emacs-orgmode-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-orgmode>
List-Post: <mailto:emacs-orgmode@gnu.org>
List-Help: <mailto:emacs-orgmode-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
 <mailto:emacs-orgmode-request@gnu.org?subject=subscribe>
Cc: 48676@debbugs.gnu.org, emacs-orgmode@gnu.org
Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org
Sender: "Emacs-orgmode" <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1622050076;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=+VvLj+D+39pXou7UlH1yiTznCzqmGqMWezWI4DFfVHM=;
	b=fX4N9Y0SjWlM7enAdE0nyCU6I3eb6UwMDnKEUd/ZRFA901Ml9WDTIChXYsGLH1o06uQfDM
	EA5WvQfFdO6NswTllACXNnQlb8sYU0a0X6kKBQZwlgtxT1ly0yB0z6tsEv+6F5KJNs1bKm
	hCpKw2aMeXkhZ0JGQf48R7V5ZeUIbsnVijrUMt+3KmJ8R62X1uy5loP2erTPwg7UI5JaNY
	Feq58jlvwByKMnkZqcsZrl57T266sX+duxzNLuLtesUzfYN/R9Hr9SPKN5accKHURxXT+0
	MX8rMpWO8MTL+STWZxWAUHP+jhBJCwlOUv7HdbWW6VbxmfumSV6DXwCWhJYocQ==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1622050076; a=rsa-sha256; cv=none;
	b=qd2mRsx8dShZeyHRtCHkLZwKFh30UiR2tIAQlxeRLn+DIKhtnDiSwbxzDKKIUEU4Kj57sf
	7VIYafn7m7HzHZBR61Rt2az4MG85rZjNRnKM0ckDodogWNcd/jPH0ev65Rkxu4RYfY3vBx
	tvaCZi+CO24oyzjWXR898s8o0/w0vc0ygrJoALjM4Hm9+n3a1yDFpUz4SknNbhY8Nu/Ib/
	HRmG1m2ujouxUTHeg2jp0ipTujLzgfh5RS1kduUR3xCx3M6r/A+ToECsYijf5A4mi4GMLg
	8YL/XtaQc57D0Zy+COjdF1QRHFqE4di1b1WJMxiHm2Gn6JLoq5h8cG/98TxtUQ==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20161025 header.b=aV1BoZAf;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (aspmx1.migadu.com: domain of emacs-orgmode-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=emacs-orgmode-bounces@gnu.org
X-Migadu-Spam-Score: -3.13
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20161025 header.b=aV1BoZAf;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (aspmx1.migadu.com: domain of emacs-orgmode-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=emacs-orgmode-bounces@gnu.org
X-Migadu-Queue-Id: 35455D5AE
X-Spam-Score: -3.13
X-Migadu-Scanner: scn0.migadu.com
X-TUID: BnQooXDm47pN


Thanks for reporting this.

Glenn Morris <rgm@gnu.org> writes:

> This seems contrary to normal Emacs practice for risky local variables,

Hmm, correct me if I'm wrong but the issue with risky local variables is
that they affect Emacs before the user sees them in the file? If this is
an important distinction, it means this particular type of concern does
not apply to Org #+macro statements, as they are not executed when the
user opens the file.

That said, if one were making say an automated Org file exporter or
something, I could see this being problematic. Perhaps a var set to
allow macros by default could be a good idea.

> and to the section "Code Evaluation and Security Issues" in the Org manual
> (which does not mention macros).

Looks like this should be updated regardless of the above.

--
Timothy