[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sudo:: method in tramp possible security issue

From: João Távora
Subject: Re: sudo:: method in tramp possible security issue
Date: Tue, 20 Nov 2018 22:54:18 +0000

On Tue, Nov 20, 2018 at 10:30 PM Michael Albinus <address@hidden> wrote:

It isn't overkill. The implementation in Tramp depends on the file name
handler concept, which requires to implement 70 basic functions. How
would it be possible to implement `file-attributes', for example, w/o an
interactive shell with root permissions?

Sorry, I meant overkill for most **uses**.  By which I mean 100%
of uses that **I** have ever had for /sudo::, which is to quickly
edit a system file. Of course there are other uses that other
users might want.
Here I'm not convinced. I agree that it must be said more prominent in
the Tramp manual, that an interactive session with root permissions is
running in the background, but I believe it would be too bossy to tell
users they shall not use "/sudo::". It is like telling something like
this to users, who call sudo in a terminal. Are there such warnings,

I've explained that I don't think it is the same to run sudo in a
terminal and inside emacs.  And I'm not suggesting "/sudo::
considered dangerous, thou shalt not use it!", just a one time
summary explanation of what is about to happen.

Alternatively, how would you feel about adding something to
the mode-line clearly showing that there is an ongoing
superuser session going on?

For me, mentioning it in the manual isn't very useful, because
few people read the manual, fine as it may be :-)

João Távora

reply via email to

[Prev in Thread] Current Thread [Next in Thread]