GNU bug report logs - #865
23.0.60; The directory is unsafe today

Previous Next

Package: emacs;

Reported by: "Lennart Borgman (gmail)" <lennart.borgman <at> gmail.com>

Date: Tue, 2 Sep 2008 16:10:05 UTC

Severity: normal

Merged with 3281, 4197, 8787

Found in version 23.3

Full log

View this message in rfc822 format

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 865 <at> debbugs.gnu.org, jasonr <at> gnu.org, emacs-pretest-bug <at> gnu.org
Subject: bug#865: 23.0.60; The directory is unsafe today
Date: Sun, 07 Sep 2008 23:33:28 -0400

> This is impossible on Windows, AFAIK.  There are special flags to the
> syscall that opens a file or directory that can bypass any denied
> rights to enter a directory or open a file.  (These flags allegedly
> exist so that system backup and restore programs could DTRT without
> running as a privileged user.)

Are you saying that anybody can read any file (or dir) simply by using
those extra flags when they open those files and dirs?  So there's no
possible privacy between users on the same machine?  If so, we may just
stop to worry about server-ensure-safe-dir under w32 since there's
simply no way for it to be safe (short of encrypting it, which implies
a fairly different UI).


        Stefan
This bug report was last modified 7 years and 236 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.