bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#45198: 28.0.50; Sandbox mode


From: Philipp Stephani
Subject: bug#45198: 28.0.50; Sandbox mode
Date: Sun, 13 Dec 2020 18:04:52 +0100

Am Sa., 12. Dez. 2020 um 20:40 Uhr schrieb Stefan Monnier
<monnier@iro.umontreal.ca>:
>
> One thing I'm particularly eager to hear your opinion about is whether
> there might be more holes to plug (i.e. more places where we need to
> call `ensure_no_sandbox`).  Clearly, from a security perspective, this is
> the main drawback of this approach: it's based on a black list rather
> than on a whitelist.  Still, I have the impression that it should
> be manageable.

I don't think such an approach can work. It assumes perfect knowledge
about anything that might be problematic, and also assumes that all
future changes to Emacs take the sandbox question into account.
Especially the latter point seems unrealistic, and this looks like a
security incident waiting to happen.
Sandboxing is good, but it should happen using an allowlist and
established technology, such as firejail/bubblewrap/Google sandboxed
API/...





reply via email to

[Prev in Thread] Current Thread [Next in Thread]