[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#865: 23.0.60; The directory is unsafe today
From: |
Lennart Borgman (gmail) |
Subject: |
bug#865: 23.0.60; The directory is unsafe today |
Date: |
Sat, 06 Sep 2008 19:41:37 +0200 |
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071031 Thunderbird/2.0.0.9 Mnenhy/0.7.5.666 |
Francis Litterio wrote:
> Eli Zaretskii wrote:
>
>>> From: Stefan Monnier
>
>>> But I'd argue that having the umask (aka default-file-modes) set to
>>> #o700 could be used as a tell-tale sign, so it sounds to me like it
>>> might be doable by adding w32 C code without any C-level changes.
>> So you are saying we should assume that when umask has its two lower
>> mode bits set to zero, the intent is to create a private file
>> accessible only by the user who runs Emacs? I don't like such
>> assumptions, but if I'm the only one, so be it.
>
> Overloading the semantics of a subset of the bits in the umask seems
> prone to confusion. Why not create a new w32-... variable to encode
> those semantics?
Unfortunately they are already overloaded on w32. I think the best
remedy would be to just remove that on w32. New primitives are needed if
we really want to handle security from within Emacs.
I am not sure it is good to do that, but if you really want to handle
security it must of course be carefully done.
For the current problem a work around using a special function in
server-ensure-safe-dir for OS:es that uses ACLs for security control
would be the best in my opinion.
- bug#865: 23.0.60; The directory is unsafe today, (continued)
- bug#865: 23.0.60; The directory is unsafe today, Jason Rumney, 2008/09/08
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/08
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/08
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/09
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/09
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/10
- Message not available
- bug#865: 23.0.60; The directory is unsafe today, Francis Litterio, 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Lennart Borgman (gmail), 2008/09/07
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/07
- Message not available
- bug#865: 23.0.60; The directory is unsafe today, Francis Litterio, 2008/09/06
- bug#865: 23.0.60; The directory is unsafe today,
Lennart Borgman (gmail) <=
- bug#865: 23.0.60; The directory is unsafe today, Lennart Borgman, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Stefan Monnier, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Jason Rumney, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Lennart Borgman, 2008/09/05
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/05
- Message not available
- bug#865: 23.0.60; The directory is unsafe today, Francis Litterio, 2008/09/04
- bug#865: 23.0.60; The directory is unsafe today, Eli Zaretskii, 2008/09/04
- Message not available
- bug#865: 23.0.60; The directory is unsafe today, Francis Litterio, 2008/09/04