Control: tags -1 security

On 2018-02-21 22:41:53 -0800, Rob Browning wrote:
> I'm not sure I understand yet how this makes Emacs unusable -- does it
> warn or crash?

I've looked at it more closely, and the problem seems to come from
that when Emacs is run as root after "su" (without using -m or -p),
it still tries to use the user's config and modify things there!
In particular, it can be tricked by the user to create a file
anywhere, like this:

-rw------- 1 root root 2 2018-02-22 12:26:14 /created-by-emacs

Vincent Lefèvre <> - Web: <>
100% accessible validated (X)HTML - Blog: <>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply via email to