[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: expressions

From: Richard Stallman
Subject: Re: expressions
Date: Wed, 08 Jan 2003 03:00:04 -0500

    Although granted adding the ability to server.el to evaluate arbitrary
    LISP expression becomes a security disaster, even without that, users
    who have enable-local-variables set to t and who run server.el are in
    trouble --- since an attacker can ask emacs to open an arbitrary file
    created by the attacker, and the local variables in the file can
    contain arbitrary lisp expressions.

That's true, but enable-local-variables is nil by default.
So this change would really make the problem considerably more

    (BTW, Note that one way of dealing with the temp cleaner problem would
    be to have the emacsserver binary periodically wake up every so often,
    and try touching the containing directory and socket.  If they have
    disappeared, the binary could recreate them.)

I thin the current code has the same problem--it makes no attempt
to cope if you clean /tmp.  I guess it would be nice to add this
facility to try to cope.

I was worried about whether clearing /tmp might fail to delete
subdirs.  ISTR there was such a problem in the past.  Maybe not now.

    Another thought --- if we're willing to bag backwards compatibility
    altogether, a friend recently pointed me at the existence of another
    package, gnuserv/gnuclient, which does most of what I had wanted.

I think there are problems getting papers for that.
I don't remember the details, though.  Maybe we could implement
whatever security feature it has.  How does that work?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]