Re: Closing a privilege escalation

From: Davis Herring
Subject: Re: Closing a privilege escalation
Date: Wed, 25 Apr 2018 09:25:15 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0

> With some arguments, emacs started inside sudo will run the user's own
> .emacs file rather than root's.  This creates a known vulnerability
> for privilege escalation.

How does .emacs allow additional access? Anyone who can run emacs as root can run anything as root (via M-!, among many many other possibilities that cannot be countered by noexec).

>    For sudo-authorized users, require .emacs (and other Emacs startup
>    files and directories) to be owned by root.
>
> This won't be a big hassle for them, since
> these users can sudo to edit their root-owned files.
> Do people see any problem with this?

It could easily be a problem if, say, .emacs is under version control. It might also interfere with backup systems, and could be incompatible with home directories mounted in special ways (e.g., NFS).


This product is sold by volume, not by mass. If it appears too dense or too sparse, it is because mass-energy conversion has occurred during shipping.
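
The ownership rule proposed in the quoted text, written out as an added example; it is not part of the original message or of Emacs. The list of startup paths, the function names and the `trusted_uid` parameter are assumptions made for illustration.

```python
import os
import stat
import tempfile

# Assumed list of startup locations in a home directory (illustrative, not exhaustive).
STARTUP_PATHS = (".emacs", ".emacs.el", ".emacs.d", ".emacs.d/init.el")

def audit_startup_files(home, trusted_uid=0):
    """Return (path, reason) pairs for startup files that fail the proposed rule."""
    findings = []
    for rel in STARTUP_PATHS:
        path = os.path.join(home, rel)
        try:
            st = os.lstat(path)  # lstat: judge a symlink itself, not its target
        except FileNotFoundError:
            continue
        if stat.S_ISLNK(st.st_mode):
            findings.append((path, "symlink; target not checked"))
        elif st.st_uid != trusted_uid:
            findings.append((path, f"owned by uid {st.st_uid}, not {trusted_uid}"))
        elif st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((path, "group- or world-writable"))
    return findings

def home_under_sudo(environ=os.environ):
    """HOME that a process started via sudo would read startup files from.

    Returns None outside sudo. Whether HOME still names the invoking user's
    directory depends on sudo's configuration and arguments.
    """
    if "SUDO_USER" not in environ:
        return None
    return environ.get("HOME")

def demo():
    # Constructed sample: a throwaway home directory holding one init file.
    with tempfile.TemporaryDirectory() as home:
        init = os.path.join(home, ".emacs")
        with open(init, "w") as f:
            f.write(";; constructed sample\n")
        os.chmod(init, 0o644)
        me = os.getuid()
        # First audit trusts the file's real owner; the second trusts a different uid.
        return (audit_startup_files(home, trusted_uid=me),
                audit_startup_files(home, trusted_uid=me + 1))

if __name__ == "__main__":
    print(demo())
```

A root-owned file inside a directory the user owns can still be replaced by renaming, so a real check would also have to cover the containing directories.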
