Control: tags -1 security
On 2018-02-21 22:41:53 -0800, Rob Browning wrote:
> I'm not sure I understand yet how this makes Emacs unusable -- does it
> warn or crash?
I've looked at it more closely, and the problem seems to come from
that when Emacs is run as root after "su" (without using -m or -p),
it still tries to use the user's config and modify things there!
In particular, it can be tricked by the user to create a file
anywhere, like this:
-rw------- 1 root root 2 2018-02-22 12:26:14 /created-by-emacs
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)