tn@leadsv.UUCP (Tristan Nefzger) (02/22/90)
Some time ago a review of Clifford Stoll's book appeared in EE Times
(11/6/89). Mentioned was a bug in Gnu Emacs which "allows a file to
be moved into the protected systems space." Do you know of any
security holes in Gnu Emacs and what versions they are in?
Thanks.
Tristan Nefzger
Lockheed M & S O/62-37 B/150
Sunnyvale, CA 94089-3504
{ucbvax, pyramid}!leadsv!tn
(408) 756-4127
piet@cs.ruu.nl (Piet van Oostrum) (02/24/90)
In article <10022@leadsv.UUCP>, tn@leadsv (Tristan Nefzger) writes:
`Some time ago a review of Clifford Stoll's book appeared in EE Times
`(11/6/89). Mentioned was a bug in Gnu Emacs which "allows a file to
`be moved into the protected systems space." Do you know of any
`security holes in Gnu Emacs and what versions they are in?
`
The bug was not in emacs itself but in the movemail program. On many sites
this is installed setuid root, because it needs write access to the mail
directory. It used to copy the mail file without checking if the user had
access to the output file. This has been fixed in release 18.53.
--
Piet* van Oostrum, Dept of Computer Science, Utrecht University,
Padualaan 14, P.O. Box 80.089, 3508 TB Utrecht, The Netherlands.
Telephone: +31-30-531806 Uucp: uunet!mcsun!hp4nl!ruuinf!piet
Telefax: +31-30-513791 Internet: piet@cs.ruu.nl (*`Pete')
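Added example, not part of the original posts and not the movemail source or its 18.53 fix: one way a setuid helper can have the kernel check the output file against the invoking user's own permissions, by switching the effective uid to the real uid around the open(). The function name open_output_as_invoker is hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (the name is an assumption, not from movemail).
 * Opens the output file with the permissions of the invoking user
 * rather than those of the setuid owner. Returns an fd, or -1. */
int open_output_as_invoker(const char *path)
{
    uid_t privileged = geteuid();   /* e.g. 0 when installed setuid root */
    uid_t invoker = getuid();       /* the user who ran the program */
    int fd, saved_errno;

    /* Drop the effective uid so the kernel itself does the access check
     * at open() time; a separate access() call followed by open() would
     * leave a window between the check and the use. */
    if (seteuid(invoker) != 0)
        return -1;

    /* O_EXCL with O_CREAT: fail if the path already exists, including
     * when it is a symlink, so nothing existing is written through. */
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    saved_errno = errno;

    /* Regain privilege for the part that needs it (the mail spool). */
    if (seteuid(privileged) != 0) {
        if (fd >= 0)
            close(fd);
        return -1;
    }
    errno = saved_errno;
    return fd;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s output-file\n", argv[0]);
        return 2;
    }
    int fd = open_output_as_invoker(argv[1]);
    if (fd < 0) { perror(argv[1]); return 1; }
    close(fd);
    return 0;
}
```

Run by an ordinary user from a non-setuid binary, the two seteuid() calls change nothing; the difference only shows when the program is installed setuid.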
jeff@cdp.UUCP (02/24/90)
There were some folks who were installing Gnu Emacs setuid to root who
had security problems. Are we surprised?
Jeff Dean uunet!pyramid!cdp!jeff
baur@venice.SEDD.TRW.COM (Steven L. Baur) (02/25/90)
From article <10022@leadsv.UUCP>, by tn@leadsv.UUCP (Tristan Nefzger):
> Some time ago a review of Clifford Stoll's book appeared in EE Times
> (11/6/89). Mentioned was a bug in Gnu Emacs which "allows a file to
> be moved into the protected systems space." Do you know of any
> security holes in Gnu Emacs and what versions they are in?
Sure. All files edited by root and having read permission turned off for
world are e-mailed to rms :-).
--
steve baur@venice.SEDD.TRW.COM
A computer which cannot run GNU emacs is not worth using.
jkrueger@dgis.dtic.dla.mil (Jon) (02/27/90)
>From article <10022@leadsv.UUCP>, by tn@leadsv.UUCP (Tristan Nefzger):
>> Some time ago a review of Clifford Stoll's book appeared in EE Times
>> (11/6/89). Mentioned was a bug in Gnu Emacs which "allows a file to
>> be moved into the protected systems space." Do you know of any
>> security holes in Gnu Emacs and what versions they are in?
This is a common canard. The facts are that GNU Emacs comes with a
program called movemail, which some people installed setuid root,
without sanction from the install instructions or common sense. That
this is exploitable and was exploited should surprise no one who is
qualified to perform UNIX system administration. That this was caused
by "a bug in GNU Emacs" is a rumor without basis in fact.
-- Jon
--
Jonathan Krueger jkrueger@dtic.dla.mil uunet!dgis!jkrueger
The Philip Morris Companies, Inc: without question the strongest
and best argument for an anti-flag-waving amendment.