From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: "Lennart Borgman (gmail)" Newsgroups: gmane.emacs.bugs Subject: bug#865: 23.0.60; The directory is unsafe today Date: Sat, 06 Sep 2008 19:41:37 +0200 Message-ID: <48C2C0D1.5010409@gmail.com> References: <48BD642C.5050405@gmail.com> <48BD74D5.4050800@gnu.org> <48BDD155.8060005@gnu.org> <48BF2171.8040101@gnu.org> <48BF5671.1040705@gnu.org> Reply-To: "Lennart Borgman \(gmail\)" , 865@emacsbugs.donarmstrong.com NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Trace: ger.gmane.org 1220724469 400 80.91.229.12 (6 Sep 2008 18:07:49 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sat, 6 Sep 2008 18:07:49 +0000 (UTC) To: Francis Litterio , 865@emacsbugs.donarmstrong.com Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sat Sep 06 20:08:43 2008 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1Kc2DB-0002zC-Ci for geb-bug-gnu-emacs@m.gmane.org; Sat, 06 Sep 2008 20:08:41 +0200 Original-Received: from localhost ([127.0.0.1]:40664 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Kc2CB-0008Fy-Jh for geb-bug-gnu-emacs@m.gmane.org; Sat, 06 Sep 2008 14:07:39 -0400 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1Kc2C7-0008EW-Cn for bug-gnu-emacs@gnu.org; Sat, 06 Sep 2008 14:07:35 -0400 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1Kc2C6-0008Dq-Dl for bug-gnu-emacs@gnu.org; Sat, 06 Sep 2008 14:07:34 -0400 Original-Received: from [199.232.76.173] (port=45477 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Kc2C6-0008Dm-Au for bug-gnu-emacs@gnu.org; Sat, 06 Sep 2008 14:07:34 -0400 Original-Received: from rzlab.ucr.edu ([138.23.92.77]:50067) by monty-python.gnu.org with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1Kc2C5-0000Qr-Jp for bug-gnu-emacs@gnu.org; Sat, 06 Sep 2008 14:07:33 -0400 Original-Received: from rzlab.ucr.edu (rzlab.ucr.edu [127.0.0.1]) by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id m86I7Ve4021566; Sat, 6 Sep 2008 11:07:32 -0700 Original-Received: (from debbugs@localhost) by rzlab.ucr.edu (8.13.8/8.13.8/Submit) id m86Ho4lk014495; Sat, 6 Sep 2008 10:50:04 -0700 X-Loop: don@donarmstrong.com Resent-From: "Lennart Borgman (gmail)" Resent-To: bug-submit-list@donarmstrong.com Resent-CC: Emacs Bugs Resent-Date: Sat, 06 Sep 2008 17:50:03 +0000 Resent-Message-ID: Resent-Sender: don@donarmstrong.com X-Emacs-PR-Message: report 865 X-Emacs-PR-Package: emacs X-Emacs-PR-Keywords: Original-Received: via spool by 865-submit@emacsbugs.donarmstrong.com id=B865.122072290512346 (code B ref 865); Sat, 06 Sep 2008 17:50:03 +0000 Original-Received: (at 865) by emacsbugs.donarmstrong.com; 6 Sep 2008 17:41:45 +0000 Original-Received: from ch-smtp02.sth.basefarm.net (ch-smtp02.sth.basefarm.net [80.76.149.213]) by rzlab.ucr.edu (8.13.8/8.13.8/Debian-3) with ESMTP id m86HffBg012339 for <865@emacsbugs.donarmstrong.com>; Sat, 6 Sep 2008 10:41:42 -0700 Original-Received: from c83-254-151-87.bredband.comhem.se ([83.254.151.87]:64489 helo=[127.0.0.1]) by ch-smtp02.sth.basefarm.net with esmtp (Exim 4.68) (envelope-from ) id 1Kc1n2-00026R-7S; Sat, 06 Sep 2008 19:41:40 +0200 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071031 Thunderbird/2.0.0.9 Mnenhy/0.7.5.666 In-Reply-To: X-Enigmail-Version: 0.95.7 X-Antivirus: avast! (VPS 080906-0, 2008-09-06), Outbound message X-Antivirus-Status: Clean X-Originating-IP: 83.254.151.87 X-Scan-Result: No virus found in message 1Kc1n2-00026R-7S. X-Scan-Signature: ch-smtp02.sth.basefarm.net 1Kc1n2-00026R-7S bf2e9da7d92ed74512dbf34367eaf7ac X-detected-kernel: by monty-python.gnu.org: Linux 2.6 (newer, 3) Resent-Date: Sat, 06 Sep 2008 14:07:34 -0400 X-BeenThere: bug-gnu-emacs@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:20238 Archived-At: Francis Litterio wrote: > Eli Zaretskii wrote: > >>> From: Stefan Monnier > >>> But I'd argue that having the umask (aka default-file-modes) set to >>> #o700 could be used as a tell-tale sign, so it sounds to me like it >>> might be doable by adding w32 C code without any C-level changes. >> So you are saying we should assume that when umask has its two lower >> mode bits set to zero, the intent is to create a private file >> accessible only by the user who runs Emacs? I don't like such >> assumptions, but if I'm the only one, so be it. > > Overloading the semantics of a subset of the bits in the umask seems > prone to confusion. Why not create a new w32-... variable to encode > those semantics? Unfortunately they are already overloaded on w32. I think the best remedy would be to just remove that on w32. New primitives are needed if we really want to handle security from within Emacs. I am not sure it is good to do that, but if you really want to handle security it must of course be carefully done. For the current problem a work around using a special function in server-ensure-safe-dir for OS:es that uses ACLs for security control would be the best in my opinion.