From: | Glenn Morris |
Subject: | bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable |
Date: | Sat, 13 Jun 2020 13:20:29 -0400 |
User-agent: | Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
I don't understand how python-shell-virtualenv-root can be considered a safe local variable. Surely it controls what "python" executable gets run.

As a test, I did:

    python3 -m venv /tmp/foo

I then replaced /tmp/foo/bin/python with a shell-script:

    #!/bin/bash
    echo oh-oh

I then ran:

    emacs -Q --eval '(setq python-shell-virtualenv-root "/tmp/foo")' -f python-mode
    C-c C-p

This gives an inferior Python buffer with contents:

    oh-oh

    Process Python finished

In other words, this looks like a recipe for arbitrary code execution.