Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/tmp/webmacs.ipc can be read by all users #107

Closed
TLATER opened this issue Feb 21, 2019 · 1 comment
Closed

/tmp/webmacs.ipc can be read by all users #107

TLATER opened this issue Feb 21, 2019 · 1 comment

Comments

@TLATER
Copy link

TLATER commented Feb 21, 2019

While going through #104 again, I noticed that webmacs' /tmp/webmacs.ipc has 755 permissions on my system. I don't know much about python's IPC server, or how it is currently used in this project, but I imagine that this could be used by other users to monitor webmacs usage. This is a little creepy, and sounds like a security issue waiting to happen (although I'm not sure anything malicious could be done through the current interface).

That said, I believe it should anyway be moved to /run/<uid> and more properly secured as part of #104.
@TLATER TLATER mentioned this issue Feb 21, 2019
Open
@parkouss
Copy link
Owner

Agreed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TLATER @parkouss