[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs RPC
Re: Emacs RPC
Sun, 24 Apr 2011 21:05:56 -0500
Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux)
On Mon, 25 Apr 2011 03:26:46 +0200 Lars Magne Ingebrigtsen <address@hidden>
LMI> Ted Zlatanov <address@hidden> writes:
>> Please, please implement this securely from the start. emacsclient is
>> terribly insecure and we don't need to repeat that.
LMI> The network connection isn't encrypted, but how is emacsclient insecure
LMI> otherwise? You have to pass the (shared) secret to the server to get it
LMI> to do anything.
The server executes anything passed to it. There's no verification that
the content came from a trusted client beyond the shared secret. I'm
suggesting more granular permissions that work across operating systems
and don't require NFS mounts (have you ever set up a NFS mount to a W32
machine? it's painful... and expensive...)
The permissions should be applied at the procedure level, so different
procedures can be authorized and authenticated differently.
But encryption would be nice too, hence my GnuTLS suggestion. 90% of
the code is already in Emacs.
LMI> In any case, it's rather an orthogonal issue. I see no reason why the
LMI> in-Emacs RPC should be more secure than the command line RPC.
...because the command-line RPC can then use the in-Emacs RPC and
improve security for everyone. It would (IMHO) make emacsclient and
in-Emacs RPC real, viable RPC mechanisms. Right now they can't be.
Re: Emacs RPC, Chong Yidong, 2011/04/24
Re: Emacs RPC, Stefan Monnier, 2011/04/25
Emacs RPC security (was: Emacs RPC), Ted Zlatanov, 2011/04/25
Re: Emacs RPC, Sebastian Rose, 2011/04/26
- Re: Emacs RPC, (continued)