help-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Does anyone really use emacs in terminal?

From: Jonathan Groll
Subject: Re: Does anyone really use emacs in terminal?
Date: Thu, 09 May 2013 09:25:08 +0200
User-agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/24.0 Mule/6.0 (HANACHIRUSATO) 
On Wed, 08 May 2013 21:15:10 -0400, Stefan Monnier <monnier@iro.umontreal.ca> 
wrote:

> > But emacs will always ask you if it should proceed due to that issue.
> > It will never do it automatically.  It isn't intrinsically insecure.
> 
> Well, that depends how paranoid you are.  It used to be intrinsically
> insecure (only prompting the user for things known to be dicey) and has
> been improved over the years (always prompting unless told that it's
> safe), but there are so many variables marked as "safe" that might be
> used in unexpected ways by so many packages that "intrinsically secure"
> sounds naive.
> 
> More specifically, I'd be *very* surprised if there aren't any "big
> security holes" waiting to be exploited in Emacs.
> 
> > And you would need to be exposed to hostile user attack in order to
> > trigger it.
> 
> Yes.  I think that's what keeps you safe.
> 
> 
>        Stefan "who uses Zile when running as root"

Sure, you can forget you're root, (in all cases), but dired as root is
maybe more than just a nice to have. For instance, it makes it easier
to browse the system logfiles, etc. I can't say that I'd never use
Emacs as root - it is simply too useful, and the trade-off of potential
security risk versus utility seems to me to be one that I'm willing to
make.

Cheers,
Jonathan
--
jjg: Jonathan J. Groll : groll co za
has_one { :blog => "http://bloggroll.com"; }
Any other Disclaimer in this mail is Wrong.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]