[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sudo:: method in tramp possible security issue

From: Michael Albinus
Subject: Re: sudo:: method in tramp possible security issue
Date: Tue, 20 Nov 2018 23:06:14 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1.90 (gnu/linux)

Paul Eggert <address@hidden> writes:

> On 11/20/18 1:18 PM, Stefan Monnier wrote:
>> Tramp is not magical: it can do no more nor less than what an attacker
>> could do.
> Sure, if the attacker has control over my keyboard, or over my
> display, or over the Lisp code that I load and execute. That being
> said, Tramp does make attacks easier, so it has been an easy call for
> me to disable it.

Tramp's sudo method needs your credentials. If you don't provide them,
Tramp cannot do anything.

Like calling sudo in a terminal.

Best regards, Michael.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]