bug#865: 23.0.60; The directory is unsafe today

[Eli Zaretskii]

> From: Stefan Monnier <monnier@iro.umontreal.ca>
> Cc: 865@emacsbugs.donarmstrong.com,  jasonr@gnu.org,  
> emacs-pretest-bug@gnu.org
> Date: Tue, 09 Sep 2008 10:37:57 -0400
> 
> > But I don't think we should dismiss the privacy issue just because it
> > can be bypassed by an ill meaning program: the same can happen on
> > Unix, given a program that deliberately gains root access.  "Normal"
> > programs don't use those special access flags and privileges, and so
> > cannot access files in a private directory.
> 
> Huh?  Those programs that can deliberately gain root access are kept
> under very tight control.  For a normal user to be able to read
> arbitrary files on the system is considered as a major security hole on
> unixy systems (even if she has to go through contortions to do that).

I'm not going to argue about merits and demerits of Unix vs Windows
wrt security.  My point was that using a private directory in
server.el is important on Windows even if you think its security level
is lower than that of Unix systems.  And I hoped that you'd provide
some guidance for implementing this on Windows.