[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: package security auditing and isolation
From: |
Stefan Monnier |
Subject: |
Re: package security auditing and isolation |
Date: |
Thu, 06 Apr 2017 10:48:20 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) |
> I propose two specific pieces of functionality, which I think are
> essential to this task:
>
> 1) tools for analyzing the source code and finding the function calls
> that can be dangerous. This includes eval, calling the shell, etc.
>
> I don't know how feasible this is, but IMHO it would be valuable. At the
> very least it could make code reviews easier by focusing on the
> potentially problematic sections. I think Emacs' core is the right place
> to add such code, not modules or add-on packages.
Are you thinking of this to protect against accidental problems, or to
protect against a malicious attacker?
It seems like it would be completely ineffective against a malicious
attacker (especially if such an tool auditing is "standardized"), but
I can't imagine it being very effective for the accidental case either.
> 2) establishing isolation levels in the C core. Simply put, not all
> packages need to be able to run shell commands, delete or modify files,
> and so on. When the user installs or updates a package, if the needed
> access levels change, that should be noted and acknowledged.
That could be done, but it's a major restructuring, which will probably
require major changes to be able to isolate packages from each other.
Stefan
- package security auditing and isolation, Ted Zlatanov, 2017/04/06
- Re: package security auditing and isolation,
Stefan Monnier <=
- Re: package security auditing and isolation, Yuri Khan, 2017/04/06
- Re: package security auditing and isolation, Ted Zlatanov, 2017/04/06
- Re: package security auditing and isolation, Stefan Monnier, 2017/04/06
- Re: package security auditing and isolation, Ted Zlatanov, 2017/04/06
- Re: package security auditing and isolation, Stefan Monnier, 2017/04/06
- Re: package security auditing and isolation, Ted Zlatanov, 2017/04/06
- Re: package security auditing and isolation, Tim Cross, 2017/04/07
- Re: package security auditing and isolation, Clément Pit-Claudel, 2017/04/06