emacs-devel

Re: Risky local variable mechanism


From: Stefan Monnier
Subject: Re: Risky local variable mechanism
Date: Thu, 02 Feb 2006 12:00:02 -0500
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux)

> I am not sure binding sendmail-program is unsafe.
> It will generally have no effect if you bind it locally
> in a buffer that isn't a mail buffer.  But looking at the more
> general issue of binding variables that specify programs to run,
> I am not sure how much of a security issue that is,
> other than for root.  It can only run programs that exist.
> Even if you could set sendmail-program globally in Emacs,
> could you actually find a value that would predictably do harm?

It mostly depends on whether or not the string represents the filename of
a program or the beginning of a shell command (i.e. can it include
arguments?).
"Interesting" commands can be "rm" (of course), "echo foobar
~/.ssh/authorized_keys", ...


        Stefan
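
Added example, not part of the original message and not Emacs code: a Python sketch of the distinction drawn above, running the same string once as a program file name and once as a shell command line. The function names and the harmless sample value are constructed for illustration.

```python
import shlex
import subprocess

# Constructed, harmless sample value that carries an argument.
CONSTRUCTED_VALUE = "echo constructed-marker"


def run_as_program(value, args=()):
    """Treat VALUE as a program file name: no shell, VALUE is argv[0] only.

    Returns the program's stdout, or None if nothing with that exact
    name could be executed.
    """
    try:
        done = subprocess.run([value, *args], capture_output=True, text=True)
    except OSError:
        return None  # the whole string was looked up as one file name
    return done.stdout


def run_as_shell_command(value):
    """Treat VALUE as the beginning of a shell command line."""
    done = subprocess.run(value, shell=True, capture_output=True, text=True)
    return done.stdout


def is_bare_program_name(value):
    """True if a shell would read VALUE as one plain word.

    This only answers the "can it include arguments?" question; it says
    nothing about which program the name refers to.
    """
    return bool(value) and shlex.quote(value) == value


if __name__ == "__main__":
    for value in ("sendmail", "/usr/sbin/sendmail", CONSTRUCTED_VALUE):
        print(repr(value), "bare name:", is_bare_program_name(value))
    print("as program:", run_as_program(CONSTRUCTED_VALUE))
    print("as shell command:", repr(run_as_shell_command(CONSTRUCTED_VALUE)))
```
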
