Re: emacsclient socket ownership
From: Stefan Monnier
Subject: Re: emacsclient socket ownership
Date: Fri, 02 Nov 2018 14:49:45 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

> Talking, in and of itself, is not a vulnerability. Can the limited
> user’s server.el actually entice the root’s emacsclient to do
> something that user would not be able to do?

Right, the problem is not really that the other end of the socket
belongs to another user, but that the other end may be something else
than intended (e.g. it could be some unsuspecting daemon running as
root: the attacker just made the root user send "garbage" to that
daemon which may lead to exploiting a vulnerability in the daemon).

I agree that the problem may not be the most threatening there is if you
consider random attackers trying to exploit vulnerabilities anywhere
they can, but if you consider an attacker aiming at a particular user
and able to adjust its attack based on knowledge of the user's usage
pattern, I'm sure we can come up with scenarios where this problem can
be exploited.

Stefan
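
Added example, not part of the message above and not Emacs source code: one way a client can vet a Unix socket path before talking to it, by requiring that the path itself is a socket (not a symlink to some other endpoint) and that it is owned by the uid the caller expects. The names `check_socket_owner` and `make_listener` and the `/tmp/sockdemoXXXXXX` path are constructed for this illustration.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>

enum sock_check { SOCK_OK, SOCK_MISSING, SOCK_NOT_SOCKET, SOCK_WRONG_OWNER };

/* lstat() rather than stat(): a symlink sitting at the expected name is
   reported as "not a socket" instead of being followed elsewhere. */
enum sock_check check_socket_owner(const char *path, uid_t expected)
{
    struct stat st;
    if (lstat(path, &st) != 0) return SOCK_MISSING;
    if (!S_ISSOCK(st.st_mode)) return SOCK_NOT_SOCKET;
    if (st.st_uid != expected) return SOCK_WRONG_OWNER;
    return SOCK_OK;
}

/* Demo helper: bind a listening socket at PATH; returns the fd or -1. */
int make_listener(const char *path)
{
    struct sockaddr_un addr;
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&addr, 0, sizeof addr);
    addr.sun_family = AF_UNIX;
    strncpy(addr.sun_path, path, sizeof addr.sun_path - 1);
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) != 0 || listen(fd, 1) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    char dir[] = "/tmp/sockdemoXXXXXX", path[64];   /* constructed sample path */
    if (!mkdtemp(dir)) return 1;
    snprintf(path, sizeof path, "%s/server", dir);
    int fd = make_listener(path);
    printf("expected owner: %d\n", check_socket_owner(path, geteuid()));
    printf("other owner:    %d\n", check_socket_owner(path, geteuid() + 1));
    if (fd >= 0) close(fd);
    unlink(path); rmdir(dir);
    return 0;
}
```

A check made before `connect()` can still race with a rename unless the containing directory is writable only by the trusted user, so the check is a narrowing step rather than a complete answer to the concern raised in the message.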