Subject: Re: RUS-CERT Advisory 200004-01: GNU Emacs 20
From: Glynn Clements (glynn SENSEI.CO.UK)
Date: Wed Apr 19 2000 - 22:47:33 CDT
Dan Harkless wrote:
> > RUS-CERT Advisory 200004-01: GNU Emacs 20
>
> As an XEmacs user, I would have liked to have seen one of the following
> statements:
>
> * These vulnerabilities only apply to GNU Emacs, not XEmacs.
>
> * We do not know if these vulnerabilities also apply to XEmacs.
>
> * These vulnerabilities apply equally to GNU Emacs and XEmacs.
I guess that it would be option 2.
> On the systems listed above, when a new subprocess is created
> using the builtin Lisp function start-process, Emacs doesn't set
> proper permissions for the slave PTY device.
On XEmacs, start-process only uses a pty if process-connection-type is
"t", otherwise it uses (unnamed) pipes.
> 2. Unsafe creation of temporary files
>
> 2.1. Scope
>
> All Unix-like Emacs platforms on which public directories are
> used to store temporary files.
Recent versions of XEmacs honour $TMPDIR, so there shouldn't be any
need to use public directories.
> 3.3. Problem
>
> Functions like read-passwd do not clear the history of
> recently typed keys. In fact, there is no way to do that from
> Emacs Lisp.
Ditto for XEmacs.
-- Glynn Clements <glynnsensei.co.uk>
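
The $TMPDIR point in the message above, as an added example that is not part of the original message or of Emacs/XEmacs: a Python check that classifies the directory $TMPDIR points at and creates a scratch file in it exclusively with mode 0600. The function names `audit_tmpdir` and `create_scratch_file` and the four status strings are hypothetical.

```python
import os
import stat
import tempfile


def audit_tmpdir(env=None):
    """Classify $TMPDIR as 'unset', 'unusable', 'shared' or 'private'."""
    env = os.environ if env is None else env
    path = env.get("TMPDIR")
    if not path:
        # Programs that honour $TMPDIR fall back to a public directory such as /tmp.
        return "unset"
    try:
        # lstat, not stat: a symlink in place of the directory is not trusted.
        st = os.lstat(path)
    except OSError:
        return "unusable"
    if not stat.S_ISDIR(st.st_mode):
        return "unusable"
    if st.st_uid != os.getuid():
        return "shared"   # another account controls the directory
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return "shared"   # group- or world-writable: others can plant names
    return "private"


def create_scratch_file(directory):
    """Create a temp file with O_EXCL and mode 0600 (mkstemp) and return its path."""
    fd, path = tempfile.mkstemp(prefix="scratch-", dir=directory)
    os.close(fd)
    return path


if __name__ == "__main__":
    status = audit_tmpdir()
    print("TMPDIR status:", status)
    if status == "private":
        print("created", create_scratch_file(os.environ["TMPDIR"]))
```

Only a "private" result means temporary files stay out of a directory other users can write to; "unset" and "shared" both leave the program in the situation the advisory's section 2 describes.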