|
From: | Davis Herring |
Subject: | Re: Closing a privilege escalation |
Date: | Wed, 25 Apr 2018 09:25:15 -0600 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 |
With some arguments, emacs started inside sudo will run the user's own .emacs file rather than root's. This creates a known vulnerability for privilege escalation.
How does .emacs allow additional access? Anyone who can run emacs as root can run anything as root (via M-!, among many many other possibilities that cannot be countered by noexec).
It could easily be a problem if, say, .emacs is under version control. It might also interfere with backup systems, and could be incompatible with home directories mounted in special ways (e.g., NFS).For sudo-authorized users, require .emacs (and other Emacs startup files and directories) to be owned by root. This won't be a big hassle for them, since these users can sudo to edit their root-owned files. > Do people see any problem with this?
Davis --This product is sold by volume, not by mass. If it appears too dense or too sparse, it is because mass-energy conversion has occurred during shipping.
[Prev in Thread] | Current Thread | [Next in Thread] |