GNU bug report logs - #33847
27.0.50; emacsclient does not find server socket


Package: emacs;

Reported by: Ulrich Mueller <ulm <at> gentoo.org>

Date: Sun, 23 Dec 2018 09:49:01 UTC

Severity: normal

Tags: patch

Merged with 41707

Found in version 27.0.50

Fixed in version 28.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.


From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Lars Ingebrigtsen <larsi <at> gnus.org>, Eli Zaretskii <eliz <at> gnu.org>
Cc: Teika Kazura <teika <at> gmx.com>, 33847 <at> debbugs.gnu.org, Ulrich Mueller <ulm <at> gentoo.org>
Subject: bug#33847: 27.0.50; emacsclient does not find server socket
Date: Fri, 21 Aug 2020 14:28:36 -0700
On 8/19/20 4:05 AM, Lars Ingebrigtsen wrote:
> I've just skimmed the thread, but the patch seems to me like a
> reasonable thing to add to make these use cases work again.

Although that patch would make the use cases work again, it does so at the
expense of security in XDG environments, because it opens holes allowing symlink 
attacks. You log in in an XDG environment, you don't run Emacs server, you run 
emacsclient - and the attacker's symlink in /tmp (or whatever) causes 
emacsclient to send garbage to some other socket of yours that may not be 
prepared for the garbage.

I spent quite a bit of time looking into this and came up with the attached 
proposed patch which should make the use cases work again without opening 
security holes. This patch fixes some other bugs that I noticed while I was in 
the area.

These use cases continue to be dubious security-wise (for other programs as well 
as for Emacs), but if they're popular then this patch should help people avoid 
shooting themselves in the foot quite so often.
[0001-Redo-emacsclient-socket-symlink-attack-checking.txt (text/plain, attachment)]
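
The kind of check the message above is concerned with, as an added example that is not taken from the attached patch or from emacsclient: before connecting to a socket in a shared location such as /tmp, confirm the containing directory is a real directory owned by the current user and not writable by anyone else. The names `socket_dir_status` and `demo`, the error codes chosen, and the temporary paths are assumptions made for this illustration.

```c
#define _XOPEN_SOURCE 700   /* for lstat, symlink, mkdtemp */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not emacsclient's code): return 0 if DIR is a real
   directory owned by UID that only its owner can write to, else an errno. */
int socket_dir_status(const char *dir, uid_t uid)
{
    struct stat st;
    if (lstat(dir, &st) != 0)            /* lstat does not follow a symlink */
        return errno;
    if (S_ISLNK(st.st_mode))
        return ELOOP;                    /* a link someone planted at DIR */
    if (!S_ISDIR(st.st_mode))
        return ENOTDIR;
    if (st.st_uid != uid)
        return EACCES;                   /* another user controls DIR */
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return EACCES;                   /* others could swap the socket */
    return 0;
}

/* Constructed fixture: a private dir, a symlink to it, and a world-writable
   dir.  Bit 0: private dir accepted; bit 1: symlink rejected; bit 2:
   world-writable dir rejected.  Returns 7 when all three hold. */
int demo(void)
{
    char base[] = "/tmp/sockdemo-XXXXXX", priv[64], lnk[64], wide[64];
    int r;
    uid_t me = getuid();
    if (!mkdtemp(base))
        return -1;
    snprintf(priv, sizeof priv, "%s/priv", base);
    snprintf(lnk, sizeof lnk, "%s/lnk", base);
    snprintf(wide, sizeof wide, "%s/wide", base);
    if (mkdir(priv, 0700) || symlink(priv, lnk) || mkdir(wide, 0700) || chmod(wide, 0777))
        r = -1;
    else
        r = (socket_dir_status(priv, me) == 0)
          | (socket_dir_status(lnk, me) == ELOOP) << 1
          | (socket_dir_status(wide, me) == EACCES) << 2;
    unlink(lnk); rmdir(priv); rmdir(wide); rmdir(base);
    return r;
}

int main(void) { printf("checks passed mask: %d\n", demo()); return 0; }
```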

This bug report was last modified 3 years and 225 days ago.
