From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Paul Eggert <eggert@cs.ucla.edu>
Newsgroups: gmane.emacs.bugs
Subject: bug#12632: file permissions checking mishandled when setuid
Date: Fri, 19 Oct 2012 12:36:54 -0700
Message-ID: <5081ABD6.9060002@cs.ucla.edu>
References: <5078CAB6.7020509@cs.ucla.edu> <83fw5i7s4p.fsf@gnu.org>
	<83a9vq7oqh.fsf@gnu.org> <507A58CC.10209@cs.ucla.edu>
	<83fw5h5yo6.fsf@gnu.org> <507B010F.20105@cs.ucla.edu>
	<831uh06gqd.fsf@gnu.org> <507B15B0.2040802@cs.ucla.edu>
	<83txtw4xmk.fsf@gnu.org> <507B2354.3030408@cs.ucla.edu>
	<83sj9g4vy7.fsf@gnu.org> <507BAA6C.2000601@cs.ucla.edu>
	<83lif74p78.fsf@gnu.org> <507C823D.40304@cs.ucla.edu>
	<83d30j3wqg.fsf@gnu.org> <507CF802.6000305@cs.ucla.edu>
	<83a9vm4bmv.fsf@gnu.org> <50818763.80501@cs.ucla.edu>
	<83wqymz4me.fsf@gnu.org> <5081A1DF.9000009@cs.ucla.edu>
	<aiipa6uvso.fsf@fencepost.gnu.org>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Trace: ger.gmane.org 1350675456 854 80.91.229.3 (19 Oct 2012 19:37:36 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Fri, 19 Oct 2012 19:37:36 +0000 (UTC)
Cc: 12632@debbugs.gnu.org
To: Glenn Morris <rgm@gnu.org>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Oct 19 21:37:44 2012
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1TPIO7-0000pM-6j
	for geb-bug-gnu-emacs@m.gmane.org; Fri, 19 Oct 2012 21:37:43 +0200
Original-Received: from localhost ([::1]:36145 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org>)
	id 1TPINz-0006w7-6t
	for geb-bug-gnu-emacs@m.gmane.org; Fri, 19 Oct 2012 15:37:35 -0400
Original-Received: from eggs.gnu.org ([208.118.235.92]:37705)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1TPINw-0006vq-RP
	for bug-gnu-emacs@gnu.org; Fri, 19 Oct 2012 15:37:33 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1TPINv-0004Ss-Pm
	for bug-gnu-emacs@gnu.org; Fri, 19 Oct 2012 15:37:32 -0400
Original-Received: from debbugs.gnu.org ([140.186.70.43]:41857)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1TPINv-0004Sm-MO
	for bug-gnu-emacs@gnu.org; Fri, 19 Oct 2012 15:37:31 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1TPIPO-000676-8X
	for bug-gnu-emacs@gnu.org; Fri, 19 Oct 2012 15:39:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Paul Eggert <eggert@cs.ucla.edu>
Original-Sender: debbugs-submit-bounces@debbugs.gnu.org
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Fri, 19 Oct 2012 19:39:02 +0000
Resent-Message-ID: <handler.12632.B12632.135067551623466@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 12632
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: patch
Original-Received: via spool by 12632-submit@debbugs.gnu.org id=B12632.135067551623466
	(code B ref 12632); Fri, 19 Oct 2012 19:39:02 +0000
Original-Received: (at 12632) by debbugs.gnu.org; 19 Oct 2012 19:38:36 +0000
Original-Received: from localhost ([127.0.0.1]:52108 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1TPIOx-00066R-5A
	for submit@debbugs.gnu.org; Fri, 19 Oct 2012 15:38:35 -0400
Original-Received: from smtp.cs.ucla.edu ([131.179.128.62]:49333)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <eggert@cs.ucla.edu>) id 1TPIOu-00066B-LL
	for 12632@debbugs.gnu.org; Fri, 19 Oct 2012 15:38:34 -0400
Original-Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp.cs.ucla.edu (Postfix) with ESMTP id D3AF1A60010;
	Fri, 19 Oct 2012 12:36:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu
Original-Received: from smtp.cs.ucla.edu ([127.0.0.1])
	by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id jrdpnvQy+iXF; Fri, 19 Oct 2012 12:36:55 -0700 (PDT)
Original-Received: from penguin.cs.ucla.edu (Penguin.CS.UCLA.EDU [131.179.64.200])
	by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 469DDA6000E;
	Fri, 19 Oct 2012 12:36:55 -0700 (PDT)
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:16.0) Gecko/20121009 Thunderbird/16.0
In-Reply-To: <aiipa6uvso.fsf@fencepost.gnu.org>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.13
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
X-Received-From: 140.186.70.43
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
	the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
	<mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.bugs:65757
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/65757>

On 10/19/2012 12:05 PM, Glenn Morris wrote:

> I doubt anyone is running setuid Emacs anywhere

People do it all the time, often unwittingly, typically by
having setuid or settgid scripts that end up invoking an
editor.  I've run into the problem myself.

But I agree that this bug is not a new one.  The first bug
report I could find for it was from Chris Torek, dated 1983!
I suppose that if Emacs users have lived with this security
hole for three decades, they can live with it for a while
longer.  So I reverted the change from the trunk.

Here's a copy of Torek's report:

http://www.megalextoria.com/usenet-archive/news005f1/b12/net.emacs/00000104.html