GNU bug report logs -
#31709
27.0.50; Wishlist: Perhaps Emacs should load a file when getting a particular signal?
Previous Next
Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>
Date: Mon, 4 Jun 2018 11:31:02 UTC
Severity: wishlist
Tags: wontfix
Found in version 27.0.50
Done: Lars Ingebrigtsen <larsi <at> gnus.org>
Bug is archived. No further changes may be made.
Full log
Message #47 received at 31709 <at> debbugs.gnu.org (full text, mbox):
Phil Sainty <psainty <at> orcon.net.nz> writes:
> On 2018-06-06 03:35, Phil Sainty wrote:
>> On 2018-06-06 02:38, Eli Zaretskii wrote:
>>> Having a fixed file name in Emacs that is loaded by an external signal
>>> would be a terrible security risk, no?
>>
>> Bad Things could surely be done; but if the attacker has access to
>> send signals to the user's emacs process or write files in the user's
>> ~/.emacs.d directory, has a terrible security breach not already
>> occurred? The notion of an attacker gaining access to a running Emacs
>> session is certainly bad, but I'm unsure whether the proposed idea
>> really worsens the risk in principle?
>
> In fact if you normally run emacs as a server you're opening up the
> same security risk, no? An attacker who could send a signal to an
> emacs process can also run emacsclient to access an existing server;
> and I don't think we consider the practice of running an emacs server
> to be a terrible security risk.
What if this hypothetical emacs was deliberately started without a
server running, since it contains sensitive information? Starting a
server when receiving a signal has now opened up access to that emacs
where none existed before.
Robert
This bug report was last modified 5 years and 246 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.