GNU bug report logs - #865
23.0.60; The directory is unsafe today

Previous Next

Package: emacs;

Reported by: "Lennart Borgman (gmail)" <lennart.borgman <at> gmail.com>

Date: Tue, 2 Sep 2008 16:10:05 UTC

Severity: normal

Merged with 3281, 4197, 8787

Found in version 23.3

Full log

Message #600 received at submit <at> emacsbugs.donarmstrong.com (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Stefan Monnier <monnier <at> iro.umontreal.ca>
Cc: 865 <at> debbugs.gnu.org, jasonr <at> gnu.org, emacs-pretest-bug <at> gnu.org
Subject: Re: bug#865: 23.0.60; The directory is unsafe today
Date: Sun, 07 Sep 2008 21:33:47 +0300

> From: Stefan Monnier <monnier <at> iro.umontreal.ca>
> Cc: 865 <at> emacsbugs.donarmstrong.com,  jasonr <at> gnu.org,  emacs-pretest-bug <at> gnu.org
> Date: Sat, 06 Sep 2008 23:43:52 -0400
> 
> > The MS-Windows access right set is richer than just Read,
> > Write, Execute.
> 
> That doesn't really matter, the point is that nobody but the creating
> user should have any right.

This is impossible on Windows, AFAIK.  There are special flags to the
syscall that opens a file or directory that can bypass any denied
rights to enter a directory or open a file.  (These flags allegedly
exist so that system backup and restore programs could DTRT without
running as a privileged user.)

So, if we are to emulate this special value of mode-bits on Windows,
we need to decide exactly what rights we need to deny.

Or maybe a better implementation for Windows would be to create
encrypted files.  Or maybe something else entirely; that's why I was
asking questions about the semantics of this.
This bug report was last modified 7 years and 236 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.