From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Richard Stallman Newsgroups: gmane.emacs.devel Subject: Re: Closing a privilege escalation Date: Thu, 26 Apr 2018 17:05:23 -0400 Message-ID: References: Reply-To: rms@gnu.org NNTP-Posting-Host: blaine.gmane.org Content-Type: text/plain; charset=Utf-8 X-Trace: blaine.gmane.org 1524776632 7797 195.159.176.226 (26 Apr 2018 21:03:52 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Thu, 26 Apr 2018 21:03:52 +0000 (UTC) Cc: emacs-devel@gnu.org To: Lars Ingebrigtsen Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Apr 26 23:03:48 2018 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fBo3Q-0001v0-4E for ged-emacs-devel@m.gmane.org; Thu, 26 Apr 2018 23:03:48 +0200 Original-Received: from localhost ([::1]:44461 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fBo5X-0002k0-5m for ged-emacs-devel@m.gmane.org; Thu, 26 Apr 2018 17:05:59 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:37223) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fBo5N-0002ey-Ju for emacs-devel@gnu.org; Thu, 26 Apr 2018 17:05:50 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fBo5M-0007WV-GL for emacs-devel@gnu.org; Thu, 26 Apr 2018 17:05:49 -0400 Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:35481) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fBo4z-0007PG-EA; Thu, 26 Apr 2018 17:05:25 -0400 Original-Received: from rms by fencepost.gnu.org with local (Exim 4.82) (envelope-from ) id 1fBo4x-00027X-Ey; Thu, 26 Apr 2018 17:05:23 -0400 In-reply-to: (message from Lars Ingebrigtsen on Thu, 26 Apr 2018 09:20:52 +0200) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:224914 Archived-At: [[[ To any NSA and FBI agents reading my email: please consider ]]] [[[ whether defending the US Constitution against all enemies, ]]] [[[ foreign or domestic, requires you to follow Snowden's example. ]]] > I thought the discussion concluded that a sudo user can do anything > (like put stuff in root's ~/.bashrc), and that this isn't something that > Emacs should worry about. A sudo-capable user can do all sorts of bad things while sudoing, but that's not what we are talkin about. Here the issue is what malicious code can do, while that user is NOT sudoing, to arrange to take advantage later. One way is by editing .emacs so that it will do something bad next time the user runs Emacs under sudo. Unfortunately, it seems there are many ways the code could do that, which do not work by editing .emacs. So trying to block that avenue is ineffective. -- Dr Richard Stallman President, Free Software Foundation (https://gnu.org, https://fsf.org) Internet Hall-of-Famer (https://internethalloffame.org) Skype: No way! See https://stallman.org/skype.html.