[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sudo:: method in tramp possible security issue

From: Stefan Monnier
Subject: Re: sudo:: method in tramp possible security issue
Date: Tue, 20 Nov 2018 18:12:05 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

> In other words, what bothers me the most about the sudo:: method is
> the persistent sudo session that makes me vulnerable to attackers, and
> to my elisp developing mistakes.  This is why I think a warning makes
> sense, or some visual way to identify this vulnerable state.

I guess it all depends on the sudo setup:

Can you run a shell via sudo?  On those machines where I can do that,
I typically do "sudo zsh" and then live happily in my root shell.
But even you don't, after you've used sudo, there's a time window
during which sudo won't ask for your password and during which an
attacker could run "sudo sh" via start-process, regardless of Tramp.

If you can't run a shell via sudo, then Tramp's sudo method won't work


reply via email to

[Prev in Thread] Current Thread [Next in Thread]