[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local varia
|
From: |
Eli Zaretskii |
|
Subject: |
bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable |
|
Date: |
Tue, 16 Jun 2020 20:54:06 +0300 |
> From: "Philip K." <philip@warpmail.net>
> Cc: rgm@gnu.org, 41619@debbugs.gnu.org
> Date: Tue, 16 Jun 2020 19:32:52 +0200
>
> > So all we need is to remove the :safe attribute from the variable? Or
> > something else?
>
> That would make it harder for projects to hide malicious values of
> python-shell-virtualenv-root, but it's still an attack vector in
> principle.
Then I don't think I understand how you suggest to fix this.
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Eli Zaretskii, 2020/06/13
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Glenn Morris, 2020/06/13
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Eli Zaretskii, 2020/06/15
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Philip K., 2020/06/16
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Eli Zaretskii, 2020/06/16
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Philip K., 2020/06/16
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable,
Eli Zaretskii <=
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Philip K., 2020/06/16
- bug#41619: [PATCH] Mark python-shell-virtualenv-root as safe local variable, Eli Zaretskii, 2020/06/20