[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: emacsclient socket ownership
|
From: |
Stefan Monnier |
|
Subject: |
Re: emacsclient socket ownership |
|
Date: |
Fri, 02 Nov 2018 16:30:12 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
>> I'm sure we can come up with scenarios where this problem can
>> be exploited.
> Yes, me too. Let's close the hole.
Not sure how, tho: as mentioned, just checking that the socket is owned
by root might not be sufficient (the attacker may have just put
a symlink to some other socket that belongs to root but that really
doesn't expect the kind of data emacsclient sends).
Stefan
Re: emacsclient socket ownership, Glenn Morris, 2018/11/04
- Re: emacsclient socket ownership, Paul Eggert, 2018/11/05
- Re: emacsclient socket ownership, Stefan Monnier, 2018/11/05
- Re: emacsclient socket ownership, Paul Eggert, 2018/11/05
- Re: emacsclient socket ownership, Daniel Pittman, 2018/11/06
- Re: emacsclient socket ownership, Stefan Monnier, 2018/11/06
- Re: emacsclient socket ownership, Paul Eggert, 2018/11/06
- Re: emacsclient socket ownership, Glenn Morris, 2018/11/13
- Re: emacsclient socket ownership, Eli Zaretskii, 2018/11/13