GNU bug report logs - #28618
Emacs respects $HOME, even when user is root

Previous Next

Package: emacs;

Reported by: Dor Azouri <dor.azouri <at> safebreach.com>

Date: Wed, 27 Sep 2017 15:31:01 UTC

Severity: normal

Tags: notabug, security, wontfix

Merged with 30912

Done: Noam Postavsky <npostavs <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: John Wiegley <jwiegley <at> gmail.com>
To: Dor Azouri <dor.azouri <at> safebreach.com>
Cc: 28618 <at> debbugs.gnu.org
Subject: bug#28618: Emacs Security Issue
Date: Wed, 27 Sep 2017 08:44:34 -0700

>>>>> "DA" == Dor Azouri <dor.azouri <at> safebreach.com> writes:

DA> In short, a malicious actor that can execute code as one of the sudoers
DA> (in non-elevated mode), can edit the init file, and add malicious commands
DA> to it. Then he needs to wait for that user to invoke the editor in
DA> elevated mode - and the plugin that was written before, will be loaded
DA> with the root permissions.

If the user has sudo access to run Emacs, isn't the game already over? They
could M-x shell and rm -fr /, no?

-- 
John Wiegley                  GPG fingerprint = 4710 CF98 AF9B 327B B80F
http://newartisans.com                          60E1 46C4 BD1A 7AC1 4BA2

This bug report was last modified 7 years and 58 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #28618 Emacs respects $HOME, even when user is root

GNU bug report logs - #28618
Emacs respects $HOME, even when user is root