bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#51327: 28.0.60; emacsclient warns about XDG_RUNTIME_DIR when startin

From: Paul Eggert
Subject: bug#51327: 28.0.60; emacsclient warns about XDG_RUNTIME_DIR when starting daemon on-demand
Date: Wed, 8 Dec 2021 11:06:12 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.1 
On 12/7/21 22:57, Jim Porter wrote:
Doing that by default opens a loophole for all emacsclient users, but what about a command-line flag like `emacsclient --allow-tmpdir-loophole' and/or an environment variable like `EMACS_ALLOW_TMPDIR_LOOPHOLE=1 emacsclient' (with a better name, of course)? Then, the default behavior would be free of loopholes[2], but Ulrich's case could be achieved by passing that flag when calling emacsclient. It might even be possible for Gentoo to enable that for the user in the appropriate cases...
Yes, I think something like this would be OK. The command-line flag would be easier to audit.
Not sure whether a last-minute change like this should go into Emacs 28, though, even though it's security-relevant. Eli would be a better judge of that.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]