[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Closing a privilege escalation
From: |
Richard Stallman |
Subject: |
Closing a privilege escalation |
Date: |
Tue, 24 Apr 2018 21:09:14 -0400 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
With some arguments, emacs started inside sudo will run the user's own
.emacs file rather than root's. This creates a known vulnerability
for privilege escalation.
I propose a feature to fix the vulnerability:
For sudo-authorized users, require .emacs (and other Emacs startup
files and directories) to be owned by root.
This won't be a big hassle for them, since
these users can sudo to edit their root-owned files.
Do people see any problem with this?
--
Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Skype: No way! See https://stallman.org/skype.html.
- Closing a privilege escalation,
Richard Stallman <=
- Re: Closing a privilege escalation, Noam Postavsky, 2018/04/24
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/24
- Re: Closing a privilege escalation, Richard Stallman, 2018/04/25
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/26
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/26
- Re: Closing a privilege escalation, Richard Stallman, 2018/04/26
- Re: Closing a privilege escalation, Tim Cross, 2018/04/26
- Re: Closing a privilege escalation, Richard Stallman, 2018/04/27
- Re: Closing a privilege escalation, Marcin Borkowski, 2018/04/27