[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: emacsclient socket ownership
From: |
Stefan Monnier |
Subject: |
Re: emacsclient socket ownership |
Date: |
Tue, 06 Nov 2018 12:54:22 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
> There is no /run on macOS, and I'm pretty sure at least OpenBSD have
> rejected the idea.
It's OK: we can use OS-specific filenames.
And we'd want to preserve compatibility between old emacsclient and new
server.el and vice versa.
> Would not a better choice be to locate the socket at
> ${HOME}/.emacs.d/${something} instead?
That's another option, indeed.
IIRC it tends to work poorly when $HOME is on a network file system.
> At heart, I don't think this is really a security issue, so much as that
> root is the ultimate force for bypassing all protection in the Unix world.
> Without going to something akin to SELinux, or some similar MAC
> system, there isn't any way to prevent root accessing any socket, by
> design.
The problem is not Emacs trying to prevent root's emacsclient from
connecting, but root's emacsclient trying to avoid connecting
inadvertently to an attacker's socket.
Stefan
- Re: emacsclient socket ownership, (continued)
Re: emacsclient socket ownership, Glenn Morris, 2018/11/04
- Re: emacsclient socket ownership, Paul Eggert, 2018/11/05
- Re: emacsclient socket ownership, Stefan Monnier, 2018/11/05
- Re: emacsclient socket ownership, Paul Eggert, 2018/11/05
- Re: emacsclient socket ownership, Daniel Pittman, 2018/11/06
- Re: emacsclient socket ownership,
Stefan Monnier <=
- Re: emacsclient socket ownership, Paul Eggert, 2018/11/06
- Re: emacsclient socket ownership, Glenn Morris, 2018/11/13
- Re: emacsclient socket ownership, Eli Zaretskii, 2018/11/13