[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#865: 23.0.60; The directory is unsafe today
From: |
Stefan Monnier |
Subject: |
bug#865: 23.0.60; The directory is unsafe today |
Date: |
Wed, 10 Sep 2008 12:32:40 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux) |
>> > But I don't think we should dismiss the privacy issue just because it
>> > can be bypassed by an ill meaning program: the same can happen on
>> > Unix, given a program that deliberately gains root access. "Normal"
>> > programs don't use those special access flags and privileges, and so
>> > cannot access files in a private directory.
>>
>> Huh? Those programs that can deliberately gain root access are kept
>> under very tight control. For a normal user to be able to read
>> arbitrary files on the system is considered as a major security hole on
>> unixy systems (even if she has to go through contortions to do that).
> I'm not going to argue about merits and demerits of Unix vs Windows
> wrt security. My point was that using a private directory in
> server.el is important on Windows even if you think its security level
> is lower than that of Unix systems.
I don't think it is, actually, so we violently agree.
> And I hoped that you'd provide some guidance for implementing this
> on Windows.
As mentioned, ideally the Emacs C code should notice when
default-file-modes is #o700 that the files&dirs should be created
"private", whatever that means in the w32 world.
Even better would be if each individual file-modes bits were interpreted,
but handling #o700 is all we really need for now.
Stefan
- bug#865: 23.0.60; The directory is unsafe today, (continued)
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/06
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/06
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Jason Rumney, 2008/09/08
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/08
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/08
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/09
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/09
- bug#865: 23.0.60; The directory is unsafe today,
Stefan Monnier <=
- Message not available
- bug#865: 23.0.60; The directory is unsafe today, Francis Litterio, 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Lennart Borgman (gmail), 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/07
- Message not available
- bug#865: 23.0.60; The directory is unsafe today, Francis Litterio, 2008/09/06
- bug#865: 23.0.60; The directory is unsafe today, Lennart Borgman (gmail), 2008/09/06
- bug#865: 23.0.60; The directory is unsafe today, Lennart Borgman, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Jason Rumney, 2008/09/05