bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#865: 23.0.60; The directory is unsafe today

From: Lennart Borgman (gmail)
Subject: bug#865: 23.0.60; The directory is unsafe today
Date: Sat, 06 Sep 2008 19:41:37 +0200
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071031 Thunderbird/2.0.0.9 Mnenhy/0.7.5.666 
Francis Litterio wrote:
> Eli Zaretskii wrote:
> 
>>> From: Stefan Monnier
> 
>>> But I'd argue that having the umask (aka default-file-modes) set to
>>> #o700 could be used as a tell-tale sign, so it sounds to me like it
>>> might be doable by adding w32 C code without any C-level changes.
>> So you are saying we should assume that when umask has its two lower
>> mode bits set to zero, the intent is to create a private file
>> accessible only by the user who runs Emacs?  I don't like such
>> assumptions, but if I'm the only one, so be it.
> 
> Overloading the semantics of a subset of the bits in the umask seems
> prone to confusion.  Why not create a new w32-... variable to encode
> those semantics?


Unfortunately they are already overloaded on w32. I think the best
remedy would be to just remove that on w32. New primitives are needed if
we really want to handle security from within Emacs.

I am not sure it is good to do that, but if you really want to handle
security it must of course be carefully done.

For the current problem a work around using a special function in
server-ensure-safe-dir for OS:es that uses ACLs for security control
would be the best in my opinion.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]