From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Jason Rumney Newsgroups: gmane.emacs.bugs Subject: bug#865: 23.0.60; The directory is unsafe today Date: Mon, 08 Sep 2008 11:40:12 +0800 Message-ID: <48C49E9C.8090907@gnu.org> References: <48BD642C.5050405@gmail.com> <48BD74D5.4050800@gnu.org> <48BDD155.8060005@gnu.org> <48BF2171.8040101@gnu.org> <48BF5671.1040705@gnu.org> Reply-To: Jason Rumney , 865@emacsbugs.donarmstrong.com NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Trace: ger.gmane.org 1220846867 17991 80.91.229.12 (8 Sep 2008 04:07:47 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 8 Sep 2008 04:07:47 +0000 (UTC) Cc: 865@emacsbugs.donarmstrong.com To: Stefan Monnier Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Mon Sep 08 06:08:42 2008 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1KcY3N-0000di-UL for geb-bug-gnu-emacs@m.gmane.org; Mon, 08 Sep 2008 06:08:42 +0200 Original-Received: from localhost ([127.0.0.1]:40051 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1KcY2N-0000Of-UN for geb-bug-gnu-emacs@m.gmane.org; Mon, 08 Sep 2008 00:07:39 -0400 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1KcY2K-0000OF-98 for bug-gnu-emacs@gnu.org; Mon, 08 Sep 2008 00:07:36 -0400 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1KcY2I-0000MI-KK for bug-gnu-emacs@gnu.org; Mon, 08 Sep 2008 00:07:36 -0400 Original-Received: from [199.232.76.173] (port=50503 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1KcY2I-0000M7-H8 for bug-gnu-emacs@gnu.org; Mon, 08 Sep 2008 00:07:34 -0400 Original-Received: from rzlab.ucr.edu ([138.23.92.77]:39527) by monty-python.gnu.org with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1KcY2H-00040m-Oh for bug-gnu-emacs@gnu.org; Mon, 08 Sep 2008 00:07:34 -0400 Original-Received: from rzlab.ucr.edu (rzlab.ucr.edu [127.0.0.1]) by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id m8847W1E029139; Sun, 7 Sep 2008 21:07:32 -0700 Original-Received: (from debbugs@localhost) by rzlab.ucr.edu (8.13.8/8.13.8/Submit) id m883o4du022046; Sun, 7 Sep 2008 20:50:04 -0700 X-Loop: don@donarmstrong.com Resent-From: Jason Rumney Resent-To: bug-submit-list@donarmstrong.com Resent-CC: Emacs Bugs Resent-Date: Mon, 08 Sep 2008 03:50:04 +0000 Resent-Message-ID: Resent-Sender: don@donarmstrong.com X-Emacs-PR-Message: report 865 X-Emacs-PR-Package: emacs X-Emacs-PR-Keywords: Original-Received: via spool by 865-submit@emacsbugs.donarmstrong.com id=B865.122084526619831 (code B ref 865); Mon, 08 Sep 2008 03:50:04 +0000 Original-Received: (at 865) by emacsbugs.donarmstrong.com; 8 Sep 2008 03:41:06 +0000 Original-Received: from mk-outboundfilter-4.mail.uk.tiscali.com (mk-outboundfilter-4.mail.uk.tiscali.com [212.74.114.32]) by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id m883f3wT019825 for <865@emacsbugs.donarmstrong.com>; Sun, 7 Sep 2008 20:41:04 -0700 Original-X-Trace: 133468614/mk-outboundfilter-2.mail.uk.tiscali.com/F2S/$F2S-INTERNET-ACCEPTED/None/61.4.103.130 X-SBRS: None X-RemoteIP: 61.4.103.130 X-IP-MAIL-FROM: jasonr@gnu.org X-IP-BHB: Once X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AhEBAPk7xEg9BGeC/2dsb2JhbAAIrGSFAIFm X-IronPort-AV: E=Sophos;i="4.32,355,1217804400"; d="scan'208";a="133468614" X-IP-Direction: OUT Original-Received: from unknown (HELO [10.1.1.112]) ([61.4.103.130]) by smtp.f2s.tiscali.co.uk with ESMTP; 08 Sep 2008 04:40:54 +0100 User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) In-Reply-To: X-detected-kernel: by monty-python.gnu.org: Linux 2.6 (newer, 3) Resent-Date: Mon, 08 Sep 2008 00:07:35 -0400 X-BeenThere: bug-gnu-emacs@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:20337 Archived-At: Stefan Monnier wrote: >> This is impossible on Windows, AFAIK. There are special flags to the >> syscall that opens a file or directory that can bypass any denied >> rights to enter a directory or open a file. (These flags allegedly >> exist so that system backup and restore programs could DTRT without >> running as a privileged user.) >> > > Are you saying that anybody can read any file (or dir) simply by using > those extra flags when they open those files and dirs? So there's no > possible privacy between users on the same machine? If so, we may just > stop to worry about server-ensure-safe-dir under w32 since there's > simply no way for it to be safe (short of encrypting it, which implies > a fairly different UI). > I don't know the full details of NTFS security, but there is a special group called "Backup Users", which I would expect to be linked with the use of these flags somehow.