Re: emacsclient socket ownership

emacs-devel

From:	Paul Eggert
Subject:	Re: emacsclient socket ownership
Date:	Fri, 2 Nov 2018 14:06:24 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1

On 11/2/18 1:30 PM, Stefan Monnier wrote:

the attacker may have just put
a symlink to some other socket that belongs to root but that really
doesn't expect the kind of data emacsclient sends

We could refuse to follow symlinks, no? If that's not enough there aremore drastic things to try.

Current Thread

[Next in Thread]

emacsclient socket ownership, Glenn Morris, 2018/11/01
- Re: emacsclient socket ownership, Stefan Monnier, 2018/11/02
  - Re: emacsclient socket ownership, Yuri Khan, 2018/11/02
    - Re: emacsclient socket ownership, Stefan Monnier, 2018/11/02
    - Re: emacsclient socket ownership, Paul Eggert, 2018/11/02
    - Re: emacsclient socket ownership, Stefan Monnier, 2018/11/02
    - Re: emacsclient socket ownership, Paul Eggert <=
  - Re: emacsclient socket ownership, Glenn Morris, 2018/11/04
    - Re: emacsclient socket ownership, Paul Eggert, 2018/11/05
    - Re: emacsclient socket ownership, Stefan Monnier, 2018/11/05
    - Re: emacsclient socket ownership, Paul Eggert, 2018/11/05
    - Re: emacsclient socket ownership, Daniel Pittman, 2018/11/06
    - Re: emacsclient socket ownership, Stefan Monnier, 2018/11/06
    - Re: emacsclient socket ownership, Paul Eggert, 2018/11/06
    - Re: emacsclient socket ownership, Glenn Morris, 2018/11/13
    - Re: emacsclient socket ownership, Eli Zaretskii, 2018/11/13