From 99f4c17615c9c8461d30916cbd3ce1a3e93a3aa9 Mon Sep 17 00:00:00 2001 From: Lars Ingebrigtsen Date: Sat, 29 Jan 2022 17:49:52 +0100 Subject: [PATCH] Modernise the security section in the efaq a bit * doc/misc/efaq.texi (Security risks with Emacs): Remove the X bit, and add a bit about browsing the web (bug#24489). --- doc/misc/efaq.texi | 55 +++++----------------------------------------- 1 file changed, 6 insertions(+), 49 deletions(-) diff --git a/doc/misc/efaq.texi b/doc/misc/efaq.texi index ed8a919ac7e..5d4d378d82a 100644 --- a/doc/misc/efaq.texi +++ b/doc/misc/efaq.texi @@ -3376,56 +3376,13 @@ bottom of files by setting the variable @code{enable-local-eval}. @xref{File Variables,,, emacs, The GNU Emacs Manual}. @item -Synthetic X events. (Yes, a risk; use @samp{MIT-MAGIC-COOKIE-1} or -better.) - -Emacs accepts synthetic X events generated by the @code{SendEvent} -request as though they were regular events. As a result, if you are -using the trivial host-based authentication, other users who can open X -connections to your X workstation can make your Emacs process do -anything, including run other processes with your privileges. - -The only fix for this is to prevent other users from being able to open -X connections. The standard way to prevent this is to use a real -authentication mechanism, such as @samp{MIT-MAGIC-COOKIE-1}. If using -the @code{xauth} program has any effect, then you are probably using -@samp{MIT-MAGIC-COOKIE-1}. Your site may be using a superior -authentication method; ask your system administrator. - -If real authentication is not a possibility, you may be satisfied by -just allowing hosts access for brief intervals while you start your X -programs, then removing the access. This reduces the risk somewhat by -narrowing the time window when hostile users would have access, but -@emph{does not eliminate the risk}. - -On most computers running Unix and X, you enable and disable -access using the @code{xhost} command. To allow all hosts access to -your X server, use +Browsing the web. -@example -xhost + -@end example - -@noindent -at the shell prompt, which (on an HP machine, at least) produces the -following message: - -@example -access control disabled, clients can connect from any host -@end example - -To deny all hosts access to your X server (except those explicitly -allowed by name), use - -@example -xhost - -@end example - -On the test HP computer, this command generated the following message: - -@example -access control enabled, only authorized clients can connect -@end example +Emacs relies on C libraries to parse images, and historically, many of +these have had exploitable weaknesses. If you're browsing the web +with the eww browser, it will usually download and display images +using these libraries. If an image library has a weakness, it may be +used by an attacker to gain access. @end itemize -- 2.39.5