From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id qMPiJHGjr2BCDQAAgWs5BA (envelope-from ) for ; Thu, 27 May 2021 15:49:37 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id EFKbIHGjr2DGYAAAB5/wlQ (envelope-from ) for ; Thu, 27 May 2021 13:49:37 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 0EC7F270B3 for ; Thu, 27 May 2021 15:49:37 +0200 (CEST) Received: from localhost ([::1]:45464 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lmGOE-0001e5-Uw for larch@yhetil.org; Thu, 27 May 2021 09:49:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:48226) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lmGAr-0006Bp-Jl for emacs-orgmode@gnu.org; Thu, 27 May 2021 09:35:47 -0400 Received: from mail-ot1-x32a.google.com ([2607:f8b0:4864:20::32a]:45830) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lmGAm-0001kY-K5 for emacs-orgmode@gnu.org; Thu, 27 May 2021 09:35:45 -0400 Received: by mail-ot1-x32a.google.com with SMTP id t10-20020a05683022eab0290304ed8bc759so185280otc.12 for ; Thu, 27 May 2021 06:35:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Wh2hYavoZlK3wKguOLnPrAHtQhjpR6GuoyH4e32BXgs=; b=tm+O87Kz3CEbVpoApdry/dU57SsArsgOJBsgSWmrA1N2kfD13DwFt+qVsiF9z9Otsy AFIXMxkyXCZ1qYZt/jiIhxd3R8/vUYzHXHnXGsQ+1J/ETmqTzSPZ3pfCU1XUoVqWkF2o zFuLhpdpRI5PebRFHM/sNGgFMPbSfPrk4i9qWkdZesvFbN1QlgYjrY2dW1DmGCZ/XlsP 103+4TAkqoPGM81+MhECsCAbuftpKKXWcPUX3clvhaQqR5ujHVHLwV0GPXxih7/9ltXG Wo05g0kPYafBtwe1NznyuVvzsvld/OyXGw9C/YtArWuHeYRB4x+WuzdPej+TgEMqhl5/ QEeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Wh2hYavoZlK3wKguOLnPrAHtQhjpR6GuoyH4e32BXgs=; b=m9iALyu7BR2q4AJW/K2bEavk5EDFNKGqFYl5GMcW1ZDiIKqQMT6M9ZGzN6welMXP2o T3zgJR/1lmnRfPj55OWWTgVnebJQc0pvLuF09dl29v+sr3m7nuM6EA14SQ4jlPyKgBIL hGDmVzFsavHL+143awkfD+J3yXi9AsQLasa+oh1uSqRCdLFqJ2g8/FqFg5kd1mteFES7 rfSRHLtdEvOF1a0JDbc8dz/T1YSW8GgidUtKIM/X2LCcP1Hq5R/PryOjZZnaquvEdSG3 4lGpdctgyHB8WPHD0bZ67mMF2jhAq98IXX3TZKAsMExGBQTmg/u5giDSpR2F8DC3oeXJ gQoA== X-Gm-Message-State: AOAM533UfkWiJbxmmPu7a5QYyhobDQdRk0qyWRH/3yt/HXNg49iUijlr bJsGqQ7w2jyFjk3xDzX4uYOrM1GCTeAqunOIM7A= X-Google-Smtp-Source: ABdhPJz4MYmwgn/k1njCCZPeFWHP5L5DCLUJckbiSbn8JHQjlpJOTFRyxpRrV96rrasaPTozlGaSpKIXSOZDh0D0C+M= X-Received: by 2002:a05:6830:16c4:: with SMTP id l4mr2886267otr.93.1622122538900; Thu, 27 May 2021 06:35:38 -0700 (PDT) MIME-Version: 1.0 References: <2nk0nl7asb.fsf@fencepost.gnu.org> <87r1hsmis2.fsf@gmail.com> In-Reply-To: <87r1hsmis2.fsf@gmail.com> From: Rafael Ramirez Morales Date: Thu, 27 May 2021 15:35:25 +0200 Message-ID: Subject: Re: bug#48676: Arbitrary code execution in Org export macros To: Tim Cross Content-Type: multipart/alternative; boundary="000000000000b6a0e605c34fd5b8" Received-SPF: pass client-ip=2607:f8b0:4864:20::32a; envelope-from=rafael.ramirezmorales@gmail.com; helo=mail-ot1-x32a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: emacs-orgmode@gnu.org Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: "Emacs-orgmode" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1622123377; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=Wh2hYavoZlK3wKguOLnPrAHtQhjpR6GuoyH4e32BXgs=; b=EujnRIvPVYjIK/emgU1RZKvTGWmp/Yl8DKBOOFAaEFk4QcUCh5XA9Z8LkLyjezXmj98JLQ c5RHzJt7v9Hz4lHYv1doEf7wq6wGzrbb0qXQH0WVEo6KI/xj1snSoDiUlj21h7hYl333yP AWO9iy3O5mC3UOwtT794PYkUgmEXoUNJWLjsEOLJHwHi561n6/dUda2XgXjm9zk8sjXinH WvD2+KvFZFBkMv6DrwfvSGElp4BIMUC1DOVHf2q5DRtk0Ls+xdTunw+2ol0BNArfiV/nK+ SZI0WNX9cMzlHOUpODYL/NMyLPEdbz4DFcFrkbRyRpZBtbhVf1Bww31P6hZqBw== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1622123377; a=rsa-sha256; cv=none; b=MiOBkEoto5KfmVWVm+jceUmjOJQeDTkETjgS8wzo3UetWmoWKnp8hWizRtrICthoXL//y1 NW7MmCx+E1Zww+/7oUUKq3Y4g6NALOpWfKm9WXN4oQ/81mGbzi+A/g8IoGjNK4xWGvnYG9 93W1rFbo3oSTs8cLIlUJbWQuEA56DfATh8alC+bhOL3R112VUxCI0eCyOvbzh/528x2rMH dn8ssnP6efHDZ4boVV6GTk3+4ulFES7TWzwSgtlXe06MRD7BJFRC8dHJe+oqfAk3+dV2Ff XT/x1THrPDov7Bix1qvztVlotFqSWXGe2LlMSeoZsEjfY0nqznoXlsceB/gsnA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20161025 header.b=tm+O87Kz; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of emacs-orgmode-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=emacs-orgmode-bounces@gnu.org X-Migadu-Spam-Score: -3.13 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20161025 header.b=tm+O87Kz; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of emacs-orgmode-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=emacs-orgmode-bounces@gnu.org X-Migadu-Queue-Id: 0EC7F270B3 X-Spam-Score: -3.13 X-Migadu-Scanner: scn0.migadu.com X-TUID: RFAaRXY+eW8q --000000000000b6a0e605c34fd5b8 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thanks, you managed to understand my question. I was wondeing if there was a risk of privilege escalation. Fortunately that seems not to be the case. El jue., 27 may. 2021 15:13, Tim Cross escribi=C3= =B3: > > Rafael Ramirez Morales writes: > > > Just a couple of questions: > > who is the owner of the HELLO file? > > OR > > who is the owner of the "touch" process? > > > > Is the owner the unprivileged user or the "emacs" system? > > > > Thanks. > > > > Not clear exactly what your asking. The process which will execute the > 'touch' will be a sub-process of the process running Emacs. This will > typically be the user who executes Emacs and willl have the same > permissions and access rights as the user running Emacs. There is no > 'emacs' system and the privileges will be the same as the user who runs > Emacs. This is assuming a 'normal' installation, not some unusual setup > which uses setuid or similar to alter the way Emacs runs or the > ownership of files in a directory etc. > > --000000000000b6a0e605c34fd5b8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thanks, you managed to understand my question. I was= wondeing if there was a risk of privilege escalation. Fortunately that see= ms not to be the case.


El jue., 27 may. 2= 021 15:13, Tim Cross <theophilu= sx@gmail.com> escribi=C3=B3:

Rafael Ramirez Morales <rafael.ramirezmorales@gmail.com= > writes:

> Just a couple of questions:
> who is the owner of the HELLO file?
> OR
> who is the owner of the "touch" process?
>
> Is the owner the unprivileged user or the "emacs" system? >
> Thanks.
>

Not clear exactly what your asking. The process which will execute the
'touch' will be a sub-process of the process running Emacs. This wi= ll
typically be the user who executes Emacs and willl have the same
permissions and access rights as the user running Emacs. There is no
'emacs' system and the privileges will be the same as the user who = runs
Emacs. This is assuming a 'normal' installation, not some unusual s= etup
which uses setuid or similar to alter the way Emacs runs or the
ownership of files in a directory etc.

--000000000000b6a0e605c34fd5b8--