|
From: | Paul Eggert |
Subject: | bug#51327: 28.0.60; emacsclient warns about XDG_RUNTIME_DIR when starting daemon on-demand |
Date: | Tue, 7 Dec 2021 11:03:35 -0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.1 |
On 12/7/21 06:58, Stefan Kangas wrote:
Eli Zaretskii <eliz@gnu.org> writes:Agreed. The only question is if this patch should go to emacs-28 or master? Perhaps Eli or Lars has an opinion about that.AFAIU, Ulrich wasn't happy with that patch and proposed an alternative?You are correct, so it seems like we need to think about this more closely before taking action. I linked the relevant emacs-devel thread with more discussion separately.
Although none of us has done a thorough security audit, I still think that looking in TMPDIR first is a security loophole that is exploitable in some circumstances.
Ulrich says the loophole is small because Emacs verifies that the current user is the socket owner. However, small loopholes can still be exploited: for example, an attacker could cause you to think that you're connecting to your Emacs when you're really connecting to another of your processes, and this could still lead to problems (particularly if you're root).
[Prev in Thread] | Current Thread | [Next in Thread] |