[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Closing a privilege escalation
From: |
Richard Stallman |
Subject: |
Re: Closing a privilege escalation |
Date: |
Wed, 25 Apr 2018 18:40:39 -0400 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> > With some arguments, emacs started inside sudo will run the user's own
> > .emacs file rather than root's. This creates a known vulnerability
> > for privilege escalation.
> Is this about bug#28618? I think this issue was discussed
> comprehensively there.
The discussion reached the conclusion that the problem is real, even
with recent GNU/Linux systems. We have not fixed it.
I'm proposing a solution that I think will be adequate. Does
anyone have comments about this solution?
--
Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Skype: No way! See https://stallman.org/skype.html.
- Closing a privilege escalation, Richard Stallman, 2018/04/24
- Re: Closing a privilege escalation, Noam Postavsky, 2018/04/24
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/24
- Re: Closing a privilege escalation,
Richard Stallman <=
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/26
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/26
- Re: Closing a privilege escalation, Richard Stallman, 2018/04/26
- Re: Closing a privilege escalation, Tim Cross, 2018/04/26
- Re: Closing a privilege escalation, Richard Stallman, 2018/04/27
- Re: Closing a privilege escalation, Marcin Borkowski, 2018/04/27
- Re: Closing a privilege escalation, Clément Pit-Claudel, 2018/04/27
Re: Closing a privilege escalation, Davis Herring, 2018/04/25
Re: Closing a privilege escalation, Glenn Morris, 2018/04/25