[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: emacsclient socket ownership

From: Stefan Monnier
Subject: Re: emacsclient socket ownership
Date: Tue, 06 Nov 2018 12:54:22 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

> There is no /run on macOS, and I'm pretty sure at least OpenBSD have
> rejected the idea.

It's OK: we can use OS-specific filenames.

And we'd want to preserve compatibility between old emacsclient and new
server.el and vice versa.

> Would not a better choice be to locate the socket at
> ${HOME}/.emacs.d/${something} instead?

That's another option, indeed.
IIRC it tends to work poorly when $HOME is on a network file system.

> At heart, I don't think this is really a security issue, so much as that
> root is the ultimate force for bypassing all protection in the Unix world.
> Without going to something akin to SELinux, or some similar MAC
> system,  there isn't any way to prevent root accessing any socket, by
> design.

The problem is not Emacs trying to prevent root's emacsclient from
connecting, but root's emacsclient trying to avoid connecting
inadvertently to an attacker's socket.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]