Are there any security risks in Emacs?

  • Third party packages.

    Any package you install into Emacs can run arbitrary code with the same privileges as the Emacs process itself. Be aware of this when you use the package system (for example, M-x list-packages) with third party archives. Use only third parties that you can trust!

  • Using an out-of-date Emacs version.

    For security purposes, we recommend always using the latest officially released version of Emacs. Using old versions of Emacs might put your security at risk, as newer versions occasionally include important security fixes. Please review the Emacs release notes and the etc/NEWS file for details.

    Upgrading to the most recent version is particularly important if you use Emacs as a mail client, or to edit files that come from untrusted sources. You should be able to install the latest version of Emacs through your system’s package manager, and it is always available at the Emacs website.

  • The file-local-variable feature. (Yes, a risk, but easy to change.)

    There is an Emacs feature that allows the setting of local values for variables when editing a file by including specially formatted text near the end of the file. This feature also includes the ability to have arbitrary Emacs Lisp code evaluated when the file is visited. Obviously, there is a potential for Trojan horses to exploit this feature.

    Emacs has a list of local variables that are known to be safe to set. If a file tries to set any variable outside this list, it asks the user to confirm whether the variables should be set. You can also tell Emacs whether to allow the evaluation of Emacs Lisp code found at the bottom of files by setting the variable enable-local-eval.

    See File Variables in The GNU Emacs Manual.

  • Browsing the web.

    Emacs relies on C libraries to parse images, and historically, many of these have had exploitable weaknesses. If you’re browsing the web with the eww browser, it will usually download and display images using these libraries. If an image library has a weakness, it may be used by an attacker to gain access.
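
For the file-local-variable item above, the following added example (not part of this FAQ or of Emacs) is a simplified Python scanner that lists the `eval:` entries and other variable settings a file would present to Emacs, so a file from an untrusted source can be checked before it is visited. The function names and the sample input are assumptions of this example; it follows the documented syntax (a `-*-` line at the top, or a `Local Variables:` list on the last page within the final 3000 characters) but does not handle continuation lines or values containing `;`.

```python
import re

TAIL_CHARS = 3000  # Emacs searches for the list in the last 3000 characters

def prop_line(text):
    """Parse '-*- var: value; ... -*-' on line 1 (line 2 after a '#!' line)."""
    lines = text.splitlines()[:2]
    if len(lines) == 2 and not lines[0].startswith("#!"):
        lines = lines[:1]
    for line in lines:
        m = re.search(r"-\*-(.*?)-\*-", line)
        if m:  # simplification: values containing ';' are split incorrectly
            pairs = [p.split(":", 1) for p in m.group(1).split(";") if ":" in p]
            return [(n.strip(), v.strip()) for n, v in pairs]
    return []

def trailing_list(text):
    """Parse the 'Local Variables:' ... 'End:' list on the last page."""
    tail = text[-TAIL_CHARS:]
    lines = tail[tail.rfind("\f") + 1:].splitlines()  # text after last form feed
    for i, line in enumerate(lines):
        m = re.match(r"(.*?)Local Variables:[ \t]*(.*)$", line, re.IGNORECASE)
        if not m:
            continue
        prefix, suffix, found = m.group(1), m.group(2), []
        for body in lines[i + 1:]:
            if body.startswith(prefix):
                body = body[len(prefix):]
            if suffix and body.endswith(suffix):
                body = body[:-len(suffix)]
            name, sep, value = body.strip().partition(":")
            if sep and name.strip().lower() == "end":
                return found
            if sep:
                found.append((name.strip(), value.strip()))
        return []  # no End: line, treated here as no list
    return []

def audit(text):
    """Separate eval forms (code) from plain variable settings."""
    entries = prop_line(text) + trailing_list(text)
    return {"eval": [v for n, v in entries if n.lower() == "eval"],
            "variables": [(n, v) for n, v in entries if n.lower() != "eval"]}

SAMPLE = (  # constructed input, not taken from the page
    "#!/bin/sh\n# -*- mode: sh; fill-column: 72 -*-\necho hello\n"
    "# Local Variables:\n"
    '# eval: (message "runs when the file is visited")\n'
    "# indent-tabs-mode: nil\n# End:\n")
```

Calling `audit(SAMPLE)` returns the single `eval` form separately from the three plain settings; any non-empty `eval` list is the case that `enable-local-eval` governs.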