GNU bug report logs - #3712
23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method

Package: emacs;

Reported by: Teemu Likonen <tlikonen <at> iki.fi>

Date: Mon, 29 Jun 2009 15:25:05 UTC

Severity: serious

Done: Teemu Likonen <tlikonen <at> iki.fi>

Bug is archived. No further changes may be made.

From: help-debbugs <at> gnu.org (Emacs bug Tracking System)
To: Teemu Likonen <tlikonen <at> iki.fi>
Subject: bug#3712 closed by Teemu Likonen <tlikonen <at> iki.fi> (Re: bug#3712:
 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and
 /sudo method)
Date: Tue, 30 Jun 2009 16:40:05 +0000
[Message part 1 (text/plain, inline)]
This is an automatic notification regarding your bug report
which was filed against the emacs package:

#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method

It has been closed by Teemu Likonen <tlikonen <at> iki.fi>.

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Teemu Likonen <tlikonen <at> iki.fi> by
replying to this email.


-- 
3712: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3712
Emacs Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Teemu Likonen <tlikonen <at> iki.fi>
To: Michael Albinus <michael.albinus <at> gmx.de>
Cc: 3712-done <at> debbugs.gnu.org
Subject: Re: bug#3712: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method
Date: Tue, 30 Jun 2009 19:36:32 +0300
On 2009-06-30 17:34 (+0200), Michael Albinus wrote:

> OK, you've convinced me. Execution bits are removed now for newly
> created remote files.

> If it works also for you it is OK for me.

It seems to work perfectly now. Huge thanks! I'm happy to close this
bug.
[Message part 3 (message/rfc822, inline)]
From: Teemu Likonen <tlikonen <at> iki.fi>
To: emacs-pretest-bug <at> gnu.org
Subject: 23.1.50; SECURITY: Tramp creates -rwxrwxrwx permission files with /su and /sudo method
Date: Mon, 29 Jun 2009 18:16:30 +0300
When the /su: or /sudo: method is used to _create_ a file, the file's
permissions will be set to -rwxrwxrwx (777), that is, allow everything
for everyone. Obviously this is a serious security bug. Steps to
reproduce:

 1. Start Emacs as a normal user:

        emacs -Q

 2. Create a file in a directory to which the user who launched this
    Emacs session doesn't have write access.

        C-x C-f /su::/root/test.txt

 3. Write some content to the file and save it with "C-x C-s".

 4. Check the file's permissions. It has 777 permission bits:

        $ ls -l /root/test.txt
        -rwxrwxrwx 1 root root 5 2009-06-29 17:58 /root/test.txt

For some reason, if I create a similar file in the home directory of the
same user who launched this Emacs session (/su::$HOME/test.txt) then it
gets 644 permissions (probably honoring umask settings).


In GNU Emacs 23.1.50.4 (i686-pc-linux-gnu, GTK+ Version 2.12.12)
 of 2009-06-29 on mithlond
Windowing system distributor `The X.Org Foundation', version 11.0.10402000
configured using `configure  '--prefix=/home/dtw/local''
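
An added example (not part of the original report and not Tramp's code): a POSIX shell audit for the symptom reported above, regular files left writable by everyone, together with the mode a new file would get when the creating program requests 0666 under a given umask. The function names and the paths in the usage comments are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the bug report or from Tramp.
# Function names and the paths in the usage lines are assumptions.

# audit_world_writable DIR
#   Print "PERMS PATH" for each regular file under DIR that has the
#   "other write" bit set, which includes the 777 files from the report.
#   Assumes file names contain no newlines.
audit_world_writable() {
    # -perm -0002 matches when the o+w bit is set, whatever else is set.
    # -xdev keeps the scan on one filesystem.
    find "$1" -xdev -type f -perm -0002 -print | sort |
    while IFS= read -r f; do
        perms=$(ls -ld "$f" | cut -d' ' -f1)
        printf '%s %s\n' "$perms" "$f"
    done
}

# mode_under_umask UMASK
#   Print the octal mode of a new regular file when the creating program
#   requests 0666 and the given umask is in effect (022 gives 644).
mode_under_umask() {
    printf '%03o\n' $(( 0666 & ~0$1 ))
}

# Usage (run as a user who can read the tree):
#   audit_world_writable /root
#   mode_under_umask "$(umask)"
```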


This bug report was last modified 16 years and 21 days ago.
