GNU bug report logs -
#33847
27.0.50; emacsclient does not find server socket
Previous Next
Reported by: Ulrich Mueller <ulm <at> gentoo.org>
Date: Sun, 23 Dec 2018 09:49:01 UTC
Severity: normal
Tags: patch
Merged with 41707
Found in version 27.0.50
Fixed in version 28.1
Done: Lars Ingebrigtsen <larsi <at> gnus.org>
Bug is archived. No further changes may be made.
Full log
Message #100 received at 33847 <at> debbugs.gnu.org (full text, mbox):
On 8/22/20 12:24 AM, Ulrich Mueller wrote:
>>>>>> On Fri, 21 Aug 2020, Paul Eggert wrote:
>
>> These use cases continue to be dubious security-wise (for other
>> programs as well as for Emacs), but if they're popular then this patch
>> should help people avoid shooting themselves in the foot quite so
>> often.
>
> Looks complicated.
Yes. It's complicated partly because it fixes longstanding obscure security bugs
in the /tmp handling code. These bugs should be fixed anyway, regardless of what
we do about XDG_RUNTIME_DIR. With some effort I could break it into two patches
but I'd rather not spend the effort - I already have spent more time in this
obscure but security-relevant area than I'd like.
> What about my earlier suggestion to avoid both /tmp and XDG_RUNTIME_DIR,
> but create the socket in a subdir of user-emacs-directory instead?
This would be worse for several reasons: you'd need to disambiguate via
hostname, you'd need to guarantee hostnames are unique, you'd have problems when
NFS is flaky or hanging in your home directory, and you'd need to deal with
socket files that survive OS crashes.
This bug report was last modified 3 years and 226 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.