Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emac

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emac

From:	Robert Pluim
Subject:	Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Date:	Wed, 08 Mar 2023 16:47:40 +0100

>>>>> On Wed, 08 Mar 2023 16:17:08 +0200, Eli Zaretskii <eliz@gnu.org> said:

    >> From: Robert Pluim <rpluim@gmail.com>
    >> Cc: Po Lu <luangruo@yahoo.com>,  emacs-devel@gnu.org
    >> Date: Wed, 08 Mar 2023 12:47:19 +0100
    >> 
    >> We can then add `--funcall' to emacs-30, and revisit this there.

    Eli> Fair warning: I will object to adding --funcall just for this niche
    Eli> problem.  We didn't reach an agreement about --funcall at the time,
    Eli> and for good reasons; this particular use case does absolutely nothing
    Eli> to change the outcome of that discussion.

I donʼt remember the details of what was (dis)agreed, but I agree that
this usecase in itself doesnʼt justify --funcall. Iʼm sure people will
pipe up if they have a strong need.

Robert
--

[Prev in Thread]

Current Thread

[Next in Thread]

Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, (continued)

Prev by Date: Re: Explain a bit more on how to configure language server in Eglot's manual
Next by Date: Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Previous by thread: Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Next by thread: Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Index(es):
- Date
- Thread