Re: Closing a privilege escalation

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Closing a privilege escalation

From:	Noam Postavsky
Subject:	Re: Closing a privilege escalation
Date:	Tue, 24 Apr 2018 21:18:31 -0400

On 24 April 2018 at 21:09, Richard Stallman <address@hidden> wrote:

> With some arguments, emacs started inside sudo will run the user's own
> .emacs file rather than root's.  This creates a known vulnerability
> for privilege escalation.
>
> I propose a feature to fix the vulnerability:
>
>   For sudo-authorized users, require .emacs (and other Emacs startup
>   files and directories) to be owned by root.

Can you explain what you mean by "sudo-authorized users" exactly? I
would have expected the fix to be

  When running Emacs as root, require .emacs (etc) to be writable only by root.

[Prev in Thread]

Current Thread

[Next in Thread]

Closing a privilege escalation, Richard Stallman, 2018/04/24
- Re: Closing a privilege escalation, Noam Postavsky <=
  - Re: Closing a privilege escalation, Richard Stallman, 2018/04/25
- Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/24
  - Re: Closing a privilege escalation, Richard Stallman, 2018/04/25
    - Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/26
    - Re: Closing a privilege escalation, Lars Ingebrigtsen, 2018/04/26
    - Re: Closing a privilege escalation, Richard Stallman, 2018/04/26
    - Re: Closing a privilege escalation, Tim Cross, 2018/04/26
    - Re: Closing a privilege escalation, Richard Stallman, 2018/04/27
    - Re: Closing a privilege escalation, Marcin Borkowski, 2018/04/27
    - Re: Closing a privilege escalation, Clément Pit-Claudel, 2018/04/27

Prev by Date: Re: 26.1-rc1: Gnus issue when signing message / prompting for passphrase
Next by Date: Re: Using the GNU GMP Library for Bignums in Emacs
Previous by thread: Closing a privilege escalation
Next by thread: Re: Closing a privilege escalation
Index(es):
- Date
- Thread