[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Emacs master, security concernes, ms-windows

From: Fabrice Popineau
Subject: Emacs master, security concernes, ms-windows
Date: Thu, 14 Sep 2017 09:58:36 +0200

Since there seems to be a lot of concerns wrt to security,
I am submitting the attached patch.

The reason for this patch is to limit the search for dlls loaded at 
runtime to the win32 system directory and/or the emacs application
In the current state, dlls can be picked up in any directory in the path.
Some one could fake one of these dlls (xpm, png, etc.) and use it for
mean reasons.  
It is not bullet proof, but it levels up security and 
many other projects have applied such a restriction.

Best regards,


Attachment: emacs-loadlibrary.diff
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]