GNU bug report logs - #51327
28.0.60; emacsclient warns about XDG_RUNTIME_DIR when starting daemon on-demand

Previous Next

Package: emacs;

Reported by: Jim Porter <jporterbugs <at> gmail.com>

Date: Fri, 22 Oct 2021 04:59:02 UTC

Severity: normal

Tags: security

Found in version 28.0.60

Full log

Message #37 received at 51327 <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Jim Porter <jporterbugs <at> gmail.com>, Ulrich Mueller <ulm <at> gentoo.org>,
 51327 <at> debbugs.gnu.org
Subject: Re: bug#51327: 28.0.60; emacsclient warns about XDG_RUNTIME_DIR when
 starting daemon on demand
Date: Thu, 11 Nov 2021 18:21:24 -0800

On 11/11/21 09:06, Jim Porter wrote:
> It's possible that this behavior is perfectly safe, but the way the code 
> is currently written (plus Paul Eggert's reply in this bug) seem to 
> indicate that it's vulnerable to attack.

Yes, that's indeed the worry.

This bug report was last modified 2 years and 284 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #51327 28.0.60; emacsclient warns about XDG_RUNTIME_DIR when starting daemon on-demand

GNU bug report logs - #51327
28.0.60; emacsclient warns about XDG_RUNTIME_DIR when starting daemon on-demand