[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: security of the emacs package system, elpa, melpa and marmalade

From: chad
Subject: Re: security of the emacs package system, elpa, melpa and marmalade
Date: Fri, 27 Sep 2013 16:12:18 -0400

On 27 Sep 2013, at 10:18, Matthias Dahl <address@hidden> wrote:
> All I am saying is: It would be very helpful if we could give the user a
> few tools to handle, grasp and maybe harden certain security aspects.

If the user is downloading and running random code from the internet
without checking its source in any way, then there's really not
very much you can do. Java tries to do this to fairly great expense,
and only vaguely succeeds. Python tried and gave up (apparently).

If people download and run code from GNU ELPA, then there's a
moderate degree of group-checking safety involved, similar to Debian
(once elpa signing is in place). If they insist on using random
snippets from wikis, forums, and marmalade (apparently; I haven't
looked closely at marmalade), then there's really not.

> You wouldn't work as root on your system, would you? And why should a
> plugin get full rights if just needs a few infos from the local buffer?

I think this `joke' from XKCD is pretty instructive here:


In other words, "at least they didn't get root" doesn't really
reflect the way computers are used today (/for the last decade).

As a practical matter of giving the user a few tools, you might be
better off looking at taint checking (perl, ruby) and warning the
user (and potentially, elpa/marmalade/etc), rather than trying to
add java-style sandboxing to elisp.

I hope that helps,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]