From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Paul Eggert Newsgroups: gmane.emacs.bugs Subject: bug#51327: 28.0.60; emacsclient warns about XDG_RUNTIME_DIR when starting daemon on-demand Date: Wed, 8 Dec 2021 11:06:12 -0800 Organization: UCLA Computer Science Department Message-ID: References: <53706fa9-1458-fb5c-bd31-15ab555b59e9@gmail.com> <834k7kze0z.fsf@gnu.org> <212e4974-785a-65e0-70cc-fed7ea3ddacf@cs.ucla.edu> <3107b151-c56b-7c8d-7277-cbc39273a401@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="19638"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.1 Cc: 51327@debbugs.gnu.org To: Jim Porter , Stefan Kangas , Eli Zaretskii Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Wed Dec 08 20:07:31 2021 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mv2Hq-0004tG-Sh for geb-bug-gnu-emacs@m.gmane-mx.org; Wed, 08 Dec 2021 20:07:30 +0100 Original-Received: from localhost ([::1]:49186 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mv2Hp-00005J-Gr for geb-bug-gnu-emacs@m.gmane-mx.org; Wed, 08 Dec 2021 14:07:29 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:60892) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mv2HO-0008VT-Hh for bug-gnu-emacs@gnu.org; Wed, 08 Dec 2021 14:07:03 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]:58056) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mv2HO-00062i-9x for bug-gnu-emacs@gnu.org; Wed, 08 Dec 2021 14:07:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mv2HO-0003mH-13 for bug-gnu-emacs@gnu.org; Wed, 08 Dec 2021 14:07:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Paul Eggert Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 08 Dec 2021 19:07:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 51327 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security patch Original-Received: via spool by 51327-submit@debbugs.gnu.org id=B51327.163899038114470 (code B ref 51327); Wed, 08 Dec 2021 19:07:01 +0000 Original-Received: (at 51327) by debbugs.gnu.org; 8 Dec 2021 19:06:21 +0000 Original-Received: from localhost ([127.0.0.1]:41369 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mv2Gj-0003lK-B9 for submit@debbugs.gnu.org; Wed, 08 Dec 2021 14:06:21 -0500 Original-Received: from zimbra.cs.ucla.edu ([131.179.128.68]:53458) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mv2Gh-0003l6-JF for 51327@debbugs.gnu.org; Wed, 08 Dec 2021 14:06:20 -0500 Original-Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 01E35160083; Wed, 8 Dec 2021 11:06:14 -0800 (PST) Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id KbD5_L4bLPB9; Wed, 8 Dec 2021 11:06:13 -0800 (PST) Original-Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 4CC701600AE; Wed, 8 Dec 2021 11:06:13 -0800 (PST) X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id r_yKUc2KMixi; Wed, 8 Dec 2021 11:06:13 -0800 (PST) Original-Received: from [192.168.1.9] (cpe-172-91-119-151.socal.res.rr.com [172.91.119.151]) by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id 13E72160083; Wed, 8 Dec 2021 11:06:13 -0800 (PST) Content-Language: en-US In-Reply-To: <3107b151-c56b-7c8d-7277-cbc39273a401@gmail.com> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:221938 Archived-At: On 12/7/21 22:57, Jim Porter wrote: > Doing that by default opens a loophole for all emacsclient users, but > what about a command-line flag like `emacsclient > --allow-tmpdir-loophole' and/or an environment variable like > `EMACS_ALLOW_TMPDIR_LOOPHOLE=1 emacsclient' (with a better name, of > course)? Then, the default behavior would be free of loopholes[2], but > Ulrich's case could be achieved by passing that flag when calling > emacsclient. It might even be possible for Gentoo to enable that for the > user in the appropriate cases... Yes, I think something like this would be OK. The command-line flag would be easier to audit. Not sure whether a last-minute change like this should go into Emacs 28, though, even though it's security-relevant. Eli would be a better judge of that.