[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Files created with emacs are owned by system

From: Tim X
Subject: Re: Files created with emacs are owned by system
Date: Sat, 02 Aug 2008 11:54:31 +1000
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux)

address@hidden writes:

> On Aug 1, 3:33 pm, Joost Kremers <address@hidden> wrote:
>> address@hidden wrote:
>> > 3. GNU Emacs 21.2.1
>> [...]
>> > 8. emacs -Q: unknown option; I also can't find it in the man page.
>> -Q is a fairly new option. perhaps it was only introduced with emacs 22.
>> > Most importantly, (probably) it does seem that emacs is running as
>> > root
>> > ps -aux | grep emacs:
>> > root      1805   0.0 -0.2    48104   4548  p2  S+    7:38PM   0:00.36
>> > emacs
>> > I have no idea why it's doing this or how to change it. If I quit
>> > emacs and while in the same terminal run "whoami", I'm still iainb.
>> do:
>> ls -l $(which emacs)
>> i'm suspecting that your permissions will be set to 'rws' for the owner,
>> meaning that the binary is suid (i.e. it runs as the owner of the file, in
>> this case root, not as the user that's actually started the process.)
>> --
>> Joost Kremers                                     address@hidden
>> Selbst in die Unterwelt dringt durch Spalten Licht
>> EN:SiS(9)
> well, I've installed emacs version 22.2 into /usr/local and it doesn't
> save the files as root, it saves them as me.
> For the record
> ls -l /usr/local/bin/emacs
> -rwxr-xr-t   2 root  wheel  9673784 Aug  1 15:36 /usr/local/bin/emacs
> ls -l /usr/bin/emacs
> -r-sr-xr-x   1 root  wheel  30008 Aug 19  2006 /usr/bin/emacs

There is your problem. Emacs has the setuid bit set. this means it will
execute as the owner, which is root. 

While switching to a new version as worked around your problem, I would
be rther concerned about this. It would be extremely unusual to have
emacs installed with the setuid bit set. I would certainly be checking
to see what other binaries have this set and would immediately 
consider the system has been compromised. If you find many files with
the setuid bit set, I would strongly recommend a re-install.


tcross (at) rapttech dot com dot au

reply via email to

[Prev in Thread] Current Thread [Next in Thread]