bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files w

From: Teemu Likonen
Subject: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method
Date: Mon, 29 Jun 2009 18:16:30 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (gnu/linux) 
When method /su: or /sudo: is used to _create_ a file the file's
permission will be set to -rwxrwxrwx (777), that is, allow everything
for everyone. Obviously this is serious security bug. Steps to
reproduce:

 1. Start Emacs as a normal user:

        emacs -Q

 2. Create a file in a directory to which the user who launched this
    Emacs session doesn't have write access.

        C-x C-f /su::/root/test.txt

 3. Write some content to the file and save it with "C-x C-s".

 4. Check file's permissions. It has 777 permission bits:

        $ ls -l /root/test.txt
        -rwxrwxrwx 1 root root 5 2009-06-29 17:58 /root/test.txt

For some reason, if I create similar file to the same user's home
directory who launched this Emacs session (/su::$HOME/test.txt) then it
gets 644 permissions (probably honoring umask settings).


In GNU Emacs 23.1.50.4 (i686-pc-linux-gnu, GTK+ Version 2.12.12)
 of 2009-06-29 on mithlond
Windowing system distributor `The X.Org Foundation', version 11.0.10402000
configured using `configure  '--prefix=/home/dtw/local''
reply via email to
[Prev in Thread] Current Thread [Next in Thread]