bug-gnu-emacs

bug#33847: 27.0.50; emacsclient does not find server socket


From: Paul Eggert
Subject: bug#33847: 27.0.50; emacsclient does not find server socket
Date: Fri, 21 Aug 2020 14:28:36 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0

On 8/19/20 4:05 AM, Lars Ingebrigtsen wrote:
> I've just skimmed the thread, but the patch seems to me like a
> reasonable thing to add to make these use cases work again.

Although that patch would make the use cases work again, it does so at the expense of security in XDG environments, because it opens holes allowing symlink attacks. You log in in an XDG environment, you don't run Emacs server, you run emacsclient - and the attacker's symlink in /tmp (or whatever) causes emacsclient to send garbage to some other socket of yours that may not be prepared for the garbage.

I spent quite a bit of time looking into this and came up with the attached proposed patch which should make the use cases work again without opening security holes. This patch fixes some other bugs that I noticed while I was in the area.

These use cases continue to be dubious security-wise (for other programs as well as for Emacs), but if they're popular then this patch should help people avoid shooting themselves in the foot quite so often.

Attachment: 0001-Redo-emacsclient-socket-symlink-attack-checking.txt
Description: Text document
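
A client-side guard against the symlink scenario described in the message, as an added example that is not part of the message or of the attached patch. The helper `socket_dir_status`, the scenario driver `demo_case` and the directory names are hypothetical; the policy shown (refuse symlinks, foreign owners and group- or world-writable directories) is an assumption about what a careful client would check, not a description of what emacsclient does.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: return 0 if DIR may be trusted to hold UID's
   server socket, otherwise an errno value saying why it is rejected. */
int socket_dir_status(const char *dir, uid_t uid)
{
    struct stat st;
    /* lstat, not stat: a symlink planted at DIR must not be followed. */
    if (lstat(dir, &st) != 0)
        return errno;
    if (S_ISLNK(st.st_mode))
        return ELOOP;                /* name is a link, even to our own dir */
    if (!S_ISDIR(st.st_mode))
        return ENOTDIR;
    if (st.st_uid != uid)
        return EACCES;               /* created by some other user */
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return EPERM;                /* others could replace the socket */
    return 0;
}

/* Constructed scenarios in a fresh temporary directory: 0 private dir,
   1 symlink to it, 2 world-writable dir, 3 other owner, 4 missing dir. */
int demo_case(int which)
{
    char base[] = "/tmp/sockdemoXXXXXX", good[64], planted[64];
    uid_t me = geteuid();
    int r = -1;
    if (!mkdtemp(base))
        return r;
    snprintf(good, sizeof good, "%s/emacs", base);
    snprintf(planted, sizeof planted, "%s/planted", base);
    if (mkdir(good, 0700) == 0 && symlink(good, planted) == 0) {
        if (which == 2) chmod(good, 0777);
        if (which == 4) unlink(planted);
        r = socket_dir_status(which == 1 || which == 4 ? planted : good,
                              which == 3 ? me + 1 : me);
    }
    unlink(planted);
    rmdir(good);
    rmdir(base);
    return r;
}

int main(void) { for (int i = 0; i < 5; i++) printf("case %d -> %d\n", i, demo_case(i)); return 0; }
```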

