[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3] Add systemd socket launching support
From: |
Stefan Monnier |
Subject: |
Re: [PATCH v3] Add systemd socket launching support |
Date: |
Fri, 01 Apr 2016 09:17:32 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1.50 (gnu/linux) |
> I'm not sure myself, but I'm not a criminal, so don't ask me about the
> details. I just know that exposing a handle through which someone can
> feed Emacs any commands they want is a bad idea.
Which part of my proposal exposes such a handle? What do you mean by
"exposing"? The only "exposing" happening is to provide a function that
extracts the FD number from our own process environment. This function
would be implemented using libsystemd so as to avoid re-implementing it
in Elisp (and having to keep it up-to-date with systemd's way of
passing the FD info), but the actual FD data is already available to
Elisp as well as to any other process running on the same machine
(since the env is usually available via "ps" or "/proc/<pid>/environ").
I don't understand.
>> And I'm not sure how the latest patch would address it (you can
>> still cause Emacs to use an arbitrary FD by providing the
>> corresponding envvars).
> That'd require a more serious breach of the system's security.
No. That only requires an Emacs compiled with systemd support.
That doesn't require systemd running.
Stefan