|
From: | Paul Eggert |
Subject: | Re: sudo:: method in tramp possible security issue |
Date: | Tue, 20 Nov 2018 13:25:47 -0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.0 |
On 11/20/18 1:18 PM, Stefan Monnier wrote:
Tramp is not magical: it can do no more nor less than what an attacker could do.
Sure, if the attacker has control over my keyboard, or over my display, or over the Lisp code that I load and execute. That being said, Tramp does make attacks easier, so it has been an easy call for me to disable it.
[Prev in Thread] | Current Thread | [Next in Thread] |