[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Closing a privilege escalation

From: Richard Stallman
Subject: Closing a privilege escalation
Date: Tue, 24 Apr 2018 21:09:14 -0400

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

With some arguments, emacs started inside sudo will run the user's own
.emacs file rather than root's.  This creates a known vulnerability
for privilege escalation.

I propose a feature to fix the vulnerability:

  For sudo-authorized users, require .emacs (and other Emacs startup
  files and directories) to be owned by root.

This won't be a big hassle for them, since
these users can sudo to edit their root-owned files.

Do people see any problem with this?

Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
Skype: No way! See https://stallman.org/skype.html.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]