GNU bug report logs -
#37445
27.0.50; Permission denied after make install
Previous Next
Reported by: Tino Calancha <tino.calancha <at> gmail.com>
Date: Wed, 18 Sep 2019 09:03:02 UTC
Severity: normal
Found in version 27.0.50
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
On 9/19/19 11:07 PM, Tino Calancha wrote:
>
> # Now launch Emacs: you will see at *Warnings* buffer
> # File error: Testing file, Permission denied, /home/ec2-user/soft/emacs-master/src
Thanks, I think I see the problem: Emacs is examining its source code, via the
Lisp variable source-directory, a variable that is put into the dump file. But
in your case the source code's permissions forbid access.
This glitch suggests that there are more-serious security problems in the
default Emacs install. If source-directory is (say) "/tmp/emacs-build/whatever",
and /tmp/emacs-build is removed after the build, an attacker can provide a bogus
source directory in place of the real one, and this could cause real problems.
Fedora 30 solves this potential security problem by arranging for the Lisp
variable source-directory to have a value like "/usr/share/emacs/26.2/", which
is a place attackers shouldn't be able to overwrite.
However, the default Emacs install doesn't do that. It installs the sources into
(say) "/usr/local/share/emacs/27.0.50", but it doesn't arrange for
source-directory to point there; instead, source-directory points to wherever
the sources happened to be when Emacs was built, which could be in /tmp. This
sounds like a configuration error in the default Emacs install, and I plan to
look into why it's unsafe whereas the Fedora Emacs install is safer.
This bug report was last modified 5 years and 241 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.