From: Steve Kemp
Newsgroups: gmane.emacs.devel
Subject: Re: many packages write to `temporary-file-directory' insecurely
Date: Mon, 18 Mar 2002 23:49:01 +0000
Message-ID: <20020318234901.A3377@tardis.ed.ac.uk>
In-Reply-To: <1016490983.17157.4.camel@space-ghost>
To: Colin Walters
Cc: emacs-devel@gnu.org

On Mon, Mar 18, 2002 at 05:36:23PM -0500, Colin Walters wrote:

> I was talking with some Debian hackers on IRC about this problem, and
> one of them suggested a setgid helper program, sort of like movemail.
> This seems to me to be the best solution. We could give it arguments
> like:
>
> /usr/lib/emacs/21.3/update-score --file=/var/games/emacs/snake-scores
> --add-score "Jane Hacker 12345 points"

> Any thoughts/objections regarding this solution?

It would solve the file locking problem, and allow shared scores.

But it would appear to have the major flaw that a malicious user
could fake their scores with almost no effort, eg:

[matrix] skx > update-score --file=/var/games/emacs/snake-score --add-score "Steve 99999999999999 points"

I assume that you'd be making this setgid games, so that other files
wouldn't be overwritable..?

Steve
---