GNU bug report logs - #31709
27.0.50; Wishlist: Perhaps Emacs should load a file when getting a particular signal?

Previous Next

Full log

Message #44 received at 31709 <at> debbugs.gnu.org (full text, mbox):

From: Robert Pluim <rpluim <at> gmail.com>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: 31709 <at> debbugs.gnu.org, Eli Zaretskii <eliz <at> gnu.org>
Subject: Re: bug#31709: 27.0.50;
 Wishlist: Perhaps Emacs should load a file when getting a particular
 signal?
Date: Tue, 05 Jun 2018 18:20:49 +0200

Lars Ingebrigtsen <larsi <at> gnus.org> writes:

> Eli Zaretskii <eliz <at> gnu.org> writes:
>
>> Which functionality? to load a file whose name is fixed in the
>> sources?
>
> Yes.
>
>> Having a fixed file name in Emacs that is loaded by an external signal
>> would be a terrible security risk, no?
>
> Well...  Would it?  I mean, the file would be something like
> ~/.emacs.d/sigusr1.el or something.  To send a signal to the Emacs
> process you either have to be the user or root, and if you're the user
> or root, you already have all the access to the process that you need to
> do, well, anything.  Like it was pointed out here earlier, doing the
> "make a running Emacs without a server do something" can be achieved
> through gdb magic.

I believe said gdb magic requires you to have ptrace capabilities on
the process in question, which is a stronger requirement than being
able to send a signal (unless youʼre root, of course).

> It's just something that's very finicky, and loading a file instead
> would be something that a normal user could do.
>
> So: The same attack surface that we already have, but a feature that
> would be usable for a normal user.

A slightly larger attack surface, I think. But more convenient to
use. Although you could just bind server-name to something based on
the current pid, and then run (server-start) in all your emacsen.

Robert

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.