emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: expressions


From: Kim F. Storm
Subject: Re: expressions
Date: 06 Jan 2003 01:49:41 +0100
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3.50

Bob Halley <address@hidden> writes:

> Richard Stallman <address@hidden> writes:
> 
> > This is a useful feature.  I have a security question for the people
> > on emacs-devel who support non-GNU-like platforms.  server.el sets up
> > mode 0700 for the socket.  Is that sufficient security, on all
> > platforms, to make it safe to install this feature?
> 
> No, it is not safe.  On Solaris, at least as recent as Solaris 8, the
> file permissions on UNIX domain sockets are totally ignored.  This may
> be true on other platforms as well, though many platforms "do the
> right thing" and check file permissions.

Currently, server.el places the socket in /tmp/esrv<UID>-<HOST>

I've always wondered why the socket wasn't placed in $HOME.

> 
> The standard way of dealing with this portably is to create a
> directory for the socket filename to live in, and control access via
> permissions on the directory.


Maybe we should create a directory "~/.esrv" (if it doesn't exist),
check that it is owned by the current user (fail to start server if
not), make it 700, and then create the server socket (e.g. named
`server') in that directory.

-- 
Kim F. Storm <address@hidden> http://www.cua.dk





reply via email to

[Prev in Thread] Current Thread [Next in Thread]